CVE-2011-4096

2011-11-17T19:55:00
ID CVE-2011-4096
Type cve
Reporter cve@mitre.org
Modified 2016-11-28T19:07:00

Description

The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record.