Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Squid < 3.1.23 / 3.2.x < 3.2.6 / 3.3.x < cachemgr.cgi DoS



The remote proxy server is vulnerable to a Denial of Service (DoS) attack.


Squid versions prior to 3.1.23, 3.2.x prior to 3.2.6, and 3.3.x prior to are potentially affected by a denial of service vulnerability. The included 'cachemgr.cgi' tool reportedly lacks input validation, which could be abused by any client able to access that tool to perform a denial of service attack on the service host.

Note this fix is a result of an incomplete fix for CVE-2012-5643.


Upgrade to Squid version 3.1.23 / 3.2.6 / or later, or apply the vendor-supplied patch.