Squid Proxy Cache ICAP Adaptation Denial Of Service Vulnerability Network Vulnerability

Summary

According to its version number, the remote version of Squid is prone to a to a remote denial-of-service vulnerability because the proxy server fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer. Successfully exploiting this issue allows remote attackers to consume excessive memory, resulting in a denial-of-service condition. Note that to exploit this issue, an attacker must be a legitimate client user of the proxy. The Squid 3.x branch is vulnerable.

Solution

Upgrade to newer Version if available.

References

http://www.securityfocus.com/bid/34277
http://www.squid-cache.org/

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 2.6 AV:N/AC:H/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Wireshark PPP And NFS Dissector Denial of Service Vulnerabilities (Windows)
Sun VirtualBox or xVM VirtualBox Denial Of Service Vulnerability (Win)
Wireshark SMB dissector Denial of Service Vulnerability (Windows)
Wireshark Multiple Denial of Service Vulnerabilities - July 12 (Mac OS X)
PHP 'mbstring.func_overload' DoS Vulnerability

Squid Proxy Cache ICAP Adaptation Denial of Service Vulnerability

Take action and discover your vulnerabilities