icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Squid 3.0.STABLE16 / 3.10.11 Remote DoS

Medium

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack

Description

According to its banner, the version of the Squid proxy caching server installed on the remote host is older than 3.0.STABLE17 or 3.1.0.12. Such versions reportedly use incorrect bounds checking when processing some requests or responses. Squid-2.x releases are not vulnerable.

Solution

Either upgrade to Squid version 3.0.STABLE17 or 3.1.0.12 or later or apply the patch referenced in the project's advisory above.