Gentoo Linux Security Advisory GLSA 200903-38 - Multiple vulnerabilities have been found in Squid which allow for remote Denial of Service attacks. The arrayShrink function in lib/Array.c can cause an array to shrink to 0 entries, which triggers an assert error. Versions less than 2.7.6 are affected.
8e7a23103f5c174d2c66e43c603c3eae5f718455c874e000d29ca014a51a857e
Debian Security Advisory 1646-2 - In DSA 1646-1, an update was announced for a denial of service vulnerability in squid, a caching proxy server. Due to an error in packaging and in testing, the updated packages did not correct the weakness. An updated release is available which corrects the error. A weakness has been discovered in squid, a caching proxy server. The flaw was introduced upstream in response to CVE-2007-6239, and announced by Debian in DSA-1482-1. The flaw involves an over-aggressive bounds check on an array resize, and could be exploited by an authorized client to induce a denial of service condition against squid.
c86b7cac5874a3f1851233619e56e4f46d095a57079707a883b872a5b19e88c9
Debian Security Advisory 1646-1 - A weakness has been discovered in squid, a caching proxy server. The flaw was introduced upstream in response to CVE-2007-6239, and announced by Debian in DSA-1482-1. The flaw involves an over-aggressive bounds check on an array resize, and could be exploited by an authorized client to induce a denial of service condition against squid.
08b62230ab38873cf91fbda4034f7ddc8d7c795e7f82a778ff3bf5270a2f1fc7
Mandriva Linux Security Advisory - An incorrect fix for CVE-2007-6239 resulted in Squid not performing proper bounds checking when processing cache update replies. Because of this, a remote authenticated user might have been able to trigger an assertion error and cause a denial of service. The updated packages have been patched to correct this issue.
d0d3c8b5ed8a1da403fb42d6a0ee7b6726a9aaa5ff7a50b893de74b1a75cc8ee
Ubuntu Security Notice 601-1 - It was discovered that Squid did not perform proper bounds checking when processing cache update replies. A remote authenticated user may be able to trigger an assertion error and cause a denial of service. This vulnerability is due to an incorrect fix for CVE-2007-6239.
0c0ababe57cbd5b653e96a773f52efe8a94122769b245b42563aee9373fad61c