Computer Security
[EN] securityvulns.ru no-pyccku


Squid security vulnerabilities
Published:10.03.2013
Source:
SecurityVulns ID:12927
Type:remote
Threat Level:
6/10
Description:CPU exhaustion DoS, memory corruption.
Affected:SQUID : squid 3.2
CVE:CVE-2013-1839 (The strHdrAcptLangGetItem function in errorpage.cc in Squid 3.2.x before 3.2.9 and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a "," character in an Accept-Language header.)
Original documentdocumenttytusromekiatomek_(at)_hushmail.com, Squid 3.2.5 httpMakeVaryMark() header value DoS, 2.7.Stable9 memory corruption. (10.03.2013)
 documenttytusromekiatomek_(at)_hushmail.com, Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc (10.03.2013)
 documentKurt Seifried, Re: Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc (10.03.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod