Summary
This host is running Squid Proxy Server and is prone to denial of service vulnerability.
Impact
Successful exploitation could allow remote attackers to cause a denial of service via a crafted 'Accept-Language' header.
Impact Level: Application
Solution
Upgrade to Squid Version 3.2.9, 3.3.3 or later,
For updates refer to http://www.squid-cache.org/Download
Insight
Error within the 'strHdrAcptLangGetItem()' function in errorpage.cc when handling the 'Accept-Language' header.
Affected
Squid Version 3.2.x before 3.2.9 and 3.3.x before 3.3.3
Detection
Send crafted 'Accept-Language' header request and check is it vulnerable to DoS or not.
References
Severity
Classification
-
CVE CVE-2013-1839 -
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C
Related Vulnerabilities
- Avaya IP Office Manager TFTP Denial of Service Vulnerability
- Colasoft Capsa Malformed SNMP V1 Packet Remote Denial of Service Vulnerability
- Adobe Reader '.ETD File' Denial of Service Vulnerability (Windows)
- Apple QuickTime Malformed .mov File Buffer Overflow Vulnerability
- Apple QuickTime Multiple Denial of Service Vulnerabilities - (Windows)