cve/2023/CVE-2023-46724.md

### [CVE-2023-46724](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46724)
![](https://img.shields.io/static/v1?label=Product&message=squid&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%203.3.0.1%2C%20%3C%206.4%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-125%3A%20Out-of-bounds%20Read&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-1285%3A%20Improper%20Validation%20of%20Specified%20Index%2C%20Position%2C%20or%20Offset%20in%20Input&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-129%3A%20Improper%20Validation%20of%20Array%20Index&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-786%3A%20Access%20of%20Memory%20Location%20Before%20Start%20of%20Buffer&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-823%3A%20Use%20of%20Out-of-range%20Pointer%20Offset&color=brighgreen)

### Description

 Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. Those who you use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/MegaManSec/Squid-Security-Audit
- https://github.com/chnzzh/OpenSSL-CVE-lib
- https://github.com/fkie-cad/nvd-json-data-feeds