DSA-4122-1 squid3 -- squid3ID: oval:org.secpod.oval:def:603278 | Date: (C)2018-02-28 (M)2023-12-20 |
Class: PATCH | Family: unix |
Several vulnerabilities have been discovered in Squid3, a fully featured web proxy cache. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2018-1000024 Louis Dion-Marcil discovered that Squid does not properly handle processing of certain ESI responses. A remote server delivering certain ESI response syntax can take advantage of this flaw to cause a denial of service for all clients accessing the Squid service. This problem is limited to the Squid custom ESI parser. A remote attacker can take advantage of this flaw to cause a denial of service for all clients accessing the Squid service
Platform: |
Debian 8.x |
Debian 9.x |