SUSE CVE-2005-0095

The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service crash via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCPISEEYOU cache numbers...

DEBIAN-CVE-2002-0916

Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call...