In association with heise online

06 February 2009, 09:40

DoS vulnerability in Squid web proxy squashed

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

An update for the free web caching proxy Squid has been released to close a denial of service vulnerability. Detailed information has not been released as to the cause of the problem beyond "due to an internal error Squid is vulnerable to a denial of service attack when processing specially crafted requests". There was also no details on whether the problem causes the proxy to crash or come to a standstill. The advisory does note there is no workaround for the problem.

The issue affects all versions of Squid 2.7 up to and including 2.7.STABLE5, Squid 3.0 up to and including 3.0.STABLE12 and Squid 3.1 up to and including 3.1.0.4. The problem is fixed Squid 2.7.STABLE6, 3.0.STABLE13 and 3.1.0.5.

See also:

(djwm)

Print Version | Send by email | Permalink: http://h-online.com/-739981
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit