Gentoo Linux Security Advisory GLSA 200903-38 - Multiple vulnerabilities have been found in Squid which allow for remote Denial of Service attacks. The arrayShrink function in lib/Array.c can cause an array to shrink to 0 entries, which triggers an assert error. Versions less than 2.7.6 are affected.
8e7a23103f5c174d2c66e43c603c3eae5f718455c874e000d29ca014a51a857eDebian Security Advisory 1732 - Joshua Morin, Mikko Varpiola and Jukka Taimisto discovered an assertion error in squid3, a full featured Web Proxy cache, which could lead to a denial of service attack.
a983b90292ef870490f19ac8f72c722d9da3a72ba10dc4ff81d262c3dca19584Ubuntu Security Notice USN-724-1 - Joshua Morin, Mikko Varpiola and Jukka Taimisto discovered that Squid did not properly validate the HTTP version when processing requests. A remote attacker could exploit this to cause a denial of service (assertion failure).
17db4ecbf1f662f3b953bbbe5fc7c8cca2d92354678e2c89d0dc93dba754e149Mandriva Linux Security Advisory 2009-034 - Due to an internal error Squid is vulnerable to a denial of service attack when processing specially crafted requests. This problem allows any client to perform a denial of service attack on the Squid service. The updated packages have been patched to address this.
01a6e1aed3743cee1e6d28aff876724f367142e85922af5563de7d72b2527047Squid versions 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 remote HTTP version parsing denial of service exploit.
c572f7e6a9191df0a632e8307cd6f92f5b07e7870cda79fd59237c2ba2255b67
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed