Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:23199
HistoryApr 10, 2020 - 12:19 a.m.

Denial Of Service (DoS)

2020-04-1000:19:28
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
squid
vulnerability
denial of service
http headers
cached objects
system memory
attacker
cpu usage
requests

EPSS

0.423

Percentile

97.4%

squid is vulnerable to denial of service. A flaw was found in the way squid stored HTTP headers for cached objects in system memory. An attacker could cause squid to use additional memory, and trigger high CPU usage when processing requests for certain cached objects, possibly leading to a denial of service.

Affected configurations

Vulners
Node
squidsquidMatch2.6.stable6_4.el5
OR
squidsquidMatch2.6.stable6_3.el5
OR
squidsquidMatch2.6.stable6_4.el5
OR
squidsquidMatch2.6.stable6_3.el5
VendorProductVersionCPE
squidsquid2.6.stable6_4.el5cpe:2.3:a:squid:squid:2.6.stable6_4.el5:*:*:*:*:*:*:*
squidsquid2.6.stable6_3.el5cpe:2.3:a:squid:squid:2.6.stable6_3.el5:*:*:*:*:*:*:*

References