First published: Tue Jul 28 2009(Updated: )
Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not properly enforce "buffer limits and related bound checks," which allows remote attackers to cause a denial of service via (1) an incomplete request or (2) a request with a large header size, related to (a) HttpMsg.cc and (b) client_side.cc.
Credit: cret@cert.org
Affected Software | Affected Version | How to fix |
---|---|---|
Squid-Cache Squid | =3.0-rc4 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.1.0.3 | |
Squid-Cache Squid | =3.1.0.1 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.0-rc1 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.1.0.2 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.1.0.4 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.1 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.0 | |
Squid-Cache Squid | =3.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.