This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing a security-related update.
According to the Squid Proxy Cache Security Update Advisory
The WCCP recvfrom() call accepts more data than will fit in the
allocated buffer. An attacker may send a larger-than-normal WCCP
message to Squid and overflow this buffer.
The bug is important because it allows remote attackers to crash
Squid, causing a disription in service. However, the bug is
exploitable only if you have configured Squid to send WCCP messages
to, and expect WCCP replies from, a router.
Sites that do not use WCCP are not vulnerable.
Note that while the default configuration of the FreeBSD squid port
enables WCCP support in general, the default configuration supplied
does not actually configure squid to send and receive WCCP messages.
See also :
Update the affected package.
Risk factor :
High / CVSS Base Score : 7.5