|
|
Log in / Subscribe / Register

squid: denial of service

Package(s):squid CVE #(s):CVE-2009-2855
Created:September 22, 2009 Updated:March 31, 2010
Description: From the Mandriva advisory: The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.
Alerts:
Gentoo 201110-24 squid 2011-10-26
Red Hat RHSA-2010:0221-04 squid 2010-03-30
SuSE SUSE-SR:2010:007 cifs-mount/samba, compiz-fusion-plugins-main, cron, cups, ethereal/wireshark, krb5, mysql, pulseaudio, squid/squid3, viewvc 2010-03-30
Ubuntu USN-901-1 squid 2010-02-16
Debian DSA-1991-1 squid/squid3 2010-02-04
Mandriva MDVSA-2009:241-1 squid 2010-01-11
Mandriva MDVSA-2009:241 squid 2009-09-22
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds