The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU cache numbers.
Debian Security Advisory 651-1 - A couple different overflows have been discovered in Squid. One is in the parser for Gopher and another is in the receiver for WCCP messages.