FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

squid -- Denial of service vulnerability in request handling

Affected packages
3.0.1 <= squid < 3.0.25_3
3.1.0.1 <= squid < 3.1.8

Details

VuXML ID e4dac715-c818-11df-a92c-0015587e2cc1
Discovery 2010-08-30
Entry 2010-09-24

Squid security advisory 2010:3 reports:

Due to an internal error in string handling Squid is vulnerable to a denial of service attack when processing specially crafted requests.

This problem allows any trusted client to perform a denial of service attack on the Squid service.

References

CVE Name CVE-2010-3072
URL http://www.squid-cache.org/Advisories/SQUID-2010_3.txt