Author: JT Smith
Posted at LWN.net: “The squid proxy server can be crashed with a malformed request, resulting
in a denial of service attack. After the crash, the squid proxy must be
restarted. The weakness can only be triggered from an address that
is allowed to send requests, as configured in the squid configuration
file.
in a denial of service attack. After the crash, the squid proxy must be
restarted. The weakness can only be triggered from an address that
is allowed to send requests, as configured in the squid configuration
file.
An upgrade to a fixed version of the squid package is the only reasonable
countermeasure against the bug.”
Category:
- Linux
