Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200509-06] Squid: Denial of Service vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Squid: Denial of Service vulnerabilities
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200509-06
(Squid: Denial of Service vulnerabilities)
Certain malformed requests result in a segmentation fault in the
sslConnectTimeout function, handling of other certain requests trigger
By performing malformed requests a possible hacker could cause Squid to crash
by triggering an assertion failure or invalid memory reference.
There is no known workaround at this time.
All Squid users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-proxy/squid-2.5.10-r2"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.