Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Squid 3.5.x < 3.5.9 Multiple DoS



The remote proxy server is affected by multiple Denial of Service vulnerabilities.


Versions of Squid 3.5.x prior to 3.5.9 are potentially affected by by the following vulnerabilities :

- A denial of service vulnerability exists in file 'bio.cc' when handling hello messages. A remote attacker can exploit this to cause an infinite loop. (OSVDB 127754) - An integer overflow condition exists in file 'bio.cc' due to improper validation of user-supplied input. A remote attacker can exploit this to crash the proxy, resulting in a denial of service. (OSVDB 127762)


Either upgrade to Squid version 3.5.9 or later, or apply the vendor-supplied patch.