Squid Proxy Failed DNS Lookup Random Error Messages Information Disclosure

Medium Log Correlation Engine Plugin ID 801044


The remote proxy can be tricked into disclosing portions of its memory.


The remote host running a Squid proxy on this port.
There is a vulnerability in the remote version of this software that may allow an attacker to disclose the content of its memory by causing the use of a freed pointer.


Upgrade to Squid 2.5.STABLE8 or 3.0-PRE4 or apply the vendor patches.

See Also


Plugin Details

Severity: Medium

ID: 801044

File Name: 801044.prm

Family: Web Servers

Nessus ID: 15929

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:H/RL:OF/RC:ND

Reference Information

CVE: CVE-2004-2479

BID: 11865