Vulnerabilities

CVE-2016-2569

by Fred · 26/02/2016

Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service (assertion failure and daemon exit) via a long string, as demonstrated by a crafted HTTP Vary header.

Date published : 2016-02-26

http://www.squid-cache.org/Advisories/SQUID-2016_2.txt

http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-13991.patch

Related

Tags: Cybersecurity Alert