CVE-2023-49285: 
Squid vulnerability analysis and mitigation

CVE-2023-49285 affects Squid, a caching proxy for the Web supporting HTTP, HTTPS, and FTP. The vulnerability was discovered in late 2023 and involves a Buffer Overread bug in Squid's HTTP Message processing feature. The vulnerability affects all Squid versions up to and including version 6.4 (Vendor Advisory).

The vulnerability is classified as a Buffer Over-read (CWE-125, CWE-126) in Squid's HTTP Message processing functionality. It has received a CVSS v3.1 base score of 7.5 (High) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, indicating it can be exploited remotely with low attack complexity and requires no privileges or user interaction (NVD).

When successfully exploited, this vulnerability can lead to a Denial of Service (DoS) attack against Squid HTTP Message processing. The attack affects the availability of the service while not impacting confidentiality or integrity (Vendor Advisory, NetApp Advisory).

The vulnerability is fixed in Squid version 6.5. Users are advised to upgrade to this version or later as there are no known workarounds for this vulnerability. For older versions, patches are available in the patch archives for both Squid 5 and Squid 6 branches (Vendor Advisory).