Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses.
Debian Security Advisory 651-1 - A couple different overflows have been discovered in Squid. One is in the parser for Gopher and another is in the receiver for WCCP messages.