Squid Proxy String Processing NULL Pointer Dereference Denial Of Service Vulnerability Network Vulnerability

Summary

Squid is prone to a remote denial-of-service vulnerability caused by a NULL pointer dereference. An attacker can exploit this issue to cause the application to crash, denying service to legitimate users. Due to the nature of the issue, code execution may be possible however, it has not been confirmed. The issue affects the following versions: Squid 3.0 to 3.0.STABLE25 Squid 3.1 to 3.1.7 Squid 3.2 to 3.2.0.1

Solution

Updates are available. Please see the references for more information.

References

http://www.squid-cache.org/
http://www.squid-cache.org/Advisories/SQUID-2010_3.txt
https://www.securityfocus.com/bid/42982

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3072

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Apache APR-Utils Multiple Denial of Service Vulnerabilities
DB2 DOS
Firefox XUL Parsing Denial of Service Vulnerability (Linux)
chm2pdf Insecure Temporary File Creation or DoS Vulnerability
avast! AntiVirus Multiple BOF Vulnerabilities (Linux)

Take action and discover your vulnerabilities