Skip to main content

Squid ESI Responses Processing Vulnerability

Last Update Date: 23 Apr 2018 09:27 Release Date: 23 Apr 2018 3386 Views

RISK: Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

A vulnerability has been identified in Squid, which can allow a remote server delivering ESI responses to trigger a denial of service for all clients accessing the Squid service.


Impact

  • Denial of Service

System / Technologies affected

  • Squid 3.1.12.2 - 3.1.23
  • Squid 3.2.0.8 - 3.2.14
  • Squid 3.3 - 4.0.12

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update or upgrade to Squid 4.0.13.

Vulnerability Identifier


Source


Related Link