Squid Proxy Cache ICAP Adaptation Denial Of Service Vulnerability Network Vulnerability

Summary

According to its version number, the remote version of Squid is prone to a to a remote denial-of-service vulnerability because the proxy server fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer. Successfully exploiting this issue allows remote attackers to consume excessive memory, resulting in a denial-of-service condition. Note that to exploit this issue, an attacker must be a legitimate client user of the proxy. The Squid 3.x branch is vulnerable.

Solution

Upgrade to newer Version if available.

References

http://www.securityfocus.com/bid/34277
http://www.squid-cache.org/

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 2.6 AV:N/AC:H/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Perl Denial of Service Vulnerability Jan 2015 (Windows)
Oracle VM VirtualBox Unspecified Denial of Service Vulnerability (Windows)
SystemTap Unprivileged Mode Multiple Denial Of Service Vulnerabilities
Sun VirtualBox or xVM VirtualBox Denial Of Service Vulnerability (Win)
ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability

Squid Proxy Cache ICAP Adaptation Denial of Service Vulnerability

Take action and discover your vulnerabilities