Squid HTTP Header Port Number Handling Denial of Service Vulnerability

Last Update Date: 16 Jul 2013 10:50 Release Date: 16 Jul 2013 3900 Views

RISK: Medium Risk

Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

A vulnerability has been identified in Squid, which can be exploited by malicious people to cause a DoS (Denial of Service).

 

The vulnerability is caused due to an error when handling port number values within the "Host" header of HTTP requests and can be exploited to render the service unusable.

Impact

  • Denial of Service

System / Technologies affected

  • Squid versions 3.2 through 3.2.12 and versions 3.3 through 3.3.7.

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 3.2.13 or 3.3.8 or apply patch.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Linux Kernel fib6_add_rt2node() Router Advertisement Processing Denial of Service vulnerability

16 Jul 2013 3401 Views

Next

F5 Products Multiple Vulnerabilities

16 Jul 2013 3339 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY