In association with heise online

05 December 2007, 12:08

DoS vulnerability in Squid Web proxy

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Users can trip up the Squid Web proxy thanks to a flaw that has been reported, but not described in detail. The security advisory also does not state whether the program crashes completely or simply does not work properly anymore. For instance, the connection to the web could be interrupted. The flaw reportedly stems from the handling of a reply to a cache update initiated by the user. The flaw is found in Squid 2.x (up to and including STABLE16) and Squid 3. In Squid 2.6. STABLE17 and the snapshots of November 28, the DoS problem has been remedied. Patches have also been made available.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit