5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.951 High
EPSS
Percentile
99.3%
Squid is a full-featured web proxy cache.
The issues allows for Denial of Service attacks against the service via an HTTP request with an invalid version number and other specially crafted requests.
There is no known workaround at this time.
All Squid users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-proxy/squid-2.7.6"
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Gentoo | any | all | net-proxy/squid | < 2.7.6 | UNKNOWN |