[FREEBSD:660EBBF5-DAEB-11E5-B2BD-002590263BF5] squid -- remote DoS in HTTP response processing
Severity
High
Affected Packages
1
CVEs
3
Squid security advisory 2016:2 reports:
Due to incorrect bounds checking Squid is vulnerable to a denial
of service attack when processing HTTP responses.
These problems allow remote servers delivering certain unusual
HTTP response syntax to trigger a denial of service for all
clients accessing the Squid service.
HTTP responses containing malformed headers that trigger this
issue are becoming common. We are not certain at this time if
that is a sign of malware or just broken server scripting.
Package | Affected Version |
---|---|
pkg:freebsd/squid | < 3.5.15 |
- ID
- FREEBSD:660EBBF5-DAEB-11E5-B2BD-002590263BF5
- Severity
- high
- Severity from
- CVE-2016-2569
- URL
- http://vuxml.freebsd.org/freebsd/660ebbf5-daeb-11e5-b2bd-002590263bf5.html
- Published
-
2016-02-24T00:00:00
(8 years ago) - Modified
-
2016-02-24T00:00:00
(8 years ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
Source | # ID | Name | URL |
---|---|---|---|
FreeBSD VuXML | http://www.squid-cache.org/Advisories/SQUID-2016_2.txt | ||
FreeBSD VuXML | http://www.openwall.com/lists/oss-security/2016/02/24/12 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:freebsd/squid | squid | < 3.5.15 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |