Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Squid 3.x < 3.2.9 / 3.3.x < 3.3.3 strHdrAcptLangGetItem DoS

Medium

Synopsis

The remote proxy server is vulnerable to a denial-of-service attack.

Description

Squid version prior to 3.2.9 or 3.3.3 are potentially affected by a denial of service vulnerability. An error exists in the function 'strHdrAcptLangGetItem' in the field 'errorpage.cc' that would allow certain 'Accept-Language' HTTP headers to cause a denial of service condition.

Solution

Upgrade to Squid 3.2.9 / 3.3.3 or later, or apply the vedor-supplied patch