SquidClamav URL Parsing Denial Of Service Vulnerability Network Vulnerability

Summary

SquidClamav is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the daemon to crash, denying service to legitimate users. SquidClamav versions prior to 5.8 and 6.7 are vulnerable.

Solution

Vendor updates are available. Please see the references for more information.

References

http://squidclamav.darold.net/news.html
http://www.osvdb.org/84138
http://www.securityfocus.com/bid/54663

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-3501

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

CUPS 'scheduler/select.c' Denial Of Service Vulnerability
DNS Amplification Attacks
Apache Subversion 'mod_dav_svn' log REPORT Request DoS Vulnerability
COWON Media Center JetAudio .wav File Denial Of Service Vulnerability
Firefox 'nsObserverList::FillObserverArray' DOS Vulnerability (Win)

SquidClamav URL Parsing Denial of Service Vulnerability

Take action and discover your vulnerabilities