The squid proxy server can be crashed with a malformed request, resulting in a denial of service attack. After the crash, the squid proxy must be restarted. The weakness can only be triggered from an address that is allowed to send requests, as configured in the squid configuration file.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE | 6.4 | ppc | squid2 | < 2.2.STABLE5-191 | squid2-2.2.STABLE5-191.ppc.rpm |
openSUSE | 7.1 | sparc | squid2 | < 2.2.STABLE5-199 | squid2-2.2.STABLE5-199.sparc.rpm |
openSUSE | 7.1 | alpha | squid23 | < 2.3.STABLE4-59 | squid23-2.3.STABLE4-59.alpha.rpm |
openSUSE | 7.2 | i386 | squid | < 2.3.STABLE4-131 | squid-2.3.STABLE4-131.i386.rpm |
openSUSE | 7.3 | i386 | squid | < 2.3.STABLE4-132 | squid-2.3.STABLE4-132.i386.rpm |
openSUSE | 7.0 | i386 | squid23 | < 2.3.STABLE4-57 | squid23-2.3.STABLE4-57.i386.rpm |
openSUSE | 6.4 | alpha | squid23 | < 2.3.STABLE4-59 | squid23-2.3.STABLE4-59.alpha.rpm |
openSUSE | 7.1 | sparc | squid23 | < 2.3.STABLE4-52 | squid23-2.3.STABLE4-52.sparc.rpm |
openSUSE | 6.3 | i386 | squid | < 1.NOVM.22-0 | squid-1.NOVM.22-0.i386.rpm |
openSUSE | 7.1 | ppc | squid23 | < 2.3.STABLE4-59 | squid23-2.3.STABLE4-59.ppc.rpm |