Squid HTCP Packets Processing denial of service Vulnerability
Squid External Auth Header Parser DOS Vulnerabilities
Squid Header-Only Packets Remote denial of service Vulnerability
Low risk vulnerabilities:
Clock accuracy checker (by HTTP)
Relative IP Identification number change
The vulnerability names come from a customer-provided Security Space Security Audit. Different vendors use different names to describe similar vulnerabilities.
These vulnerabilities cannot be ignored. We mitigate the issues presented by the vulnerabilities in several ways:
Anonymous access to the Squid proxy is not permitted.
All communications with the proxy are limited to customer agents.
Symantec recommends that a local update host be placed inside of network perimeters on a stationary computer.
Symantec also recommends blocking access from untrusted networks to local update host service port 3128. However, the firewall must permit communications between the local update host and Symantec services.
These mitigation factors protect the local update host from external attack. Administrators must, however, be alert for possible internal threats.
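One way to apply the port 3128 recommendation above on the host itself, as an added example that is not Symantec's own code. It assumes the local update host runs on Windows with Windows Defender Firewall in its default inbound-block state; the subnet and the rule name are hypothetical placeholders.

```powershell
# Added example. Run in an elevated PowerShell session on the local update host.
$Port           = 3128                      # local update host service port (from the article)
$TrustedSubnets = @('192.168.10.0/24')      # assumption: subnet(s) where customer agents live
$RuleName       = 'Local update host - internal agents only (TCP 3128)'   # hypothetical name

# 1. Audit: show every enabled inbound ALLOW rule that names the port, with its
#    remote-address scope. A rule whose RemoteAddress is "Any" exposes the proxy
#    to every network the host can be reached from and should be scoped or disabled.
Get-NetFirewallPortFilter -Protocol TCP |
    Where-Object { $_.LocalPort -contains "$Port" } |
    Get-NetFirewallRule |
    Where-Object { $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' -and $_.Enabled -eq 'True' } |
    ForEach-Object {
        $addr = $_ | Get-NetFirewallAddressFilter
        [pscustomobject]@{
            Rule          = $_.DisplayName
            Profile       = $_.Profile
            RemoteAddress = $addr.RemoteAddress -join ','
        }
    } | Format-Table -AutoSize

# 2. Allow the port only from the trusted subnet(s), and only on the Domain and
#    Private profiles. With the default inbound action set to Block, every other
#    source is dropped without needing an explicit block rule.
#    Do not pair this with a blanket Block rule for the same port and profile:
#    in Windows Defender Firewall a Block rule overrides an Allow rule, so the
#    trusted agents would be cut off as well.
New-NetFirewallRule -DisplayName $RuleName `
    -Direction Inbound -Protocol TCP -LocalPort $Port `
    -RemoteAddress $TrustedSubnets -Action Allow -Profile Domain,Private

# 3. Outbound traffic is left untouched so the local update host can still reach
#    Symantec services, as the article requires.

# 4. Confirm the default inbound action really is Block on each profile.
Get-NetFirewallProfile | Select-Object Name, Enabled, DefaultInboundAction
```

Because the rule only restricts external sources, connection attempts to port 3128 from inside the trusted subnet still need monitoring to cover the internal threats mentioned above.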