squid -- several remote denial of service vulnerabilities

2009-07-27T00:00:00
ID E1156E90-7AD6-11DE-B26A-0048543D60CE
Type freebsd
Reporter FreeBSD
Modified 2009-08-06T00:00:00

Description

Squid security advisory 2009:2 reports:

Due to incorrect buffer limits and related bound checks Squid is vulnerable to a denial of service attack when processing specially crafted requests or responses. Due to incorrect data validation Squid is vulnerable to a denial of service attack when processing specially crafted responses. These problems allow any trusted client or external server to perform a denial of service attack on the Squid service.

Squid-2.x releases are not affected.