Download
| Alert*
|
oval:org.mitre.oval:def:7991
It was discovered that malformed cache update replies against the Squid WWW proxy cache could lead to the exhaustion of system memory, resulting in potential denial of service. oval:org.mitre.oval:def:7232 A weakness has been discovered in squid, a caching proxy server. The flaw was introduced upstream in response to CVE-2007-6239, and announced by Debian in DSA-1482-1. The flaw involves an over-aggressive bounds check on an array resize, and could be exploited by an authorized client to induce a deni ... oval:org.secpod.oval:def:301297 The cache update reply processing functionality in Squid 2.x before 2.6.STABLE17, and Squid 3.0, allows remote attackers to cause a denial of service via unknown vectors related to HTTP headers. The updated package fixes this issue. |
