SCO Security Advisory - store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING. The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests. Squid versions 2.5.STABLE10 and below, while performing NTLM authentication, do not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).
f0587c8f5d8323fec288e1f850d67e518ab135abbba7b94636cf8b47c40315bcDebian Security Advisory DSA 809-2 - Certain aborted requests that trigger an assertion in squid, the popular WWW proxy cache, may allow remote attackers to cause a denial of service. This update also fixes a regression caused by DSA 751.
fea1b192de905ca27bdc9f1f7fc6aee4a4466df46a410aeb89e989f74c5c9f62SUSE Security Announcement - Squid web-proxy suffers from two remotely exploitable denial of service vulnerabilities
ffc33cd2b43d2cecb24ae8a320b2ad4b1318a49d6124ca983dacdafe8c59d8e5OpenPKG Security Advisory - Two Denial of Service (DoS) security issues were discovered in the Squid Internet proxy. The first DoS is possible via certain aborted requests that trigger an assertion error related to STORE_PENDING. The second problem allows remote attackers to cause a DoS via certain crafted requests and SSL timeouts.
9aa6ddde476351397a610959fb00e7aa8306c87d1b4dddf671da4b510c0c68df
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed