Mandriva Linux Security Advisory : squid (MDVSA-2013:199)
High Nessus Plugin ID 69067
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionMultiple vulnerabilities has been discovered and corrected in squid :
Due to incorrect data validation Squid is vulnerable to a buffer overflow attack when processing specially crafted HTTP requests. This problem allows any trusted client or client script who can generate HTTP requests to trigger a buffer overflow in Squid, resulting in a termination of the Squid service (CVE-2013-4115).
The updated packages have been patched to correct this issue.
SolutionUpdate the affected squid and / or squid-cachemgr packages.