CVE-2007-6239 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-6239
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-6239

Description: The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-565-1 SUSE http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html ST 1019036 SAID Secunia Advisory: SA27910 Secunia Advisory: SA28091 Secunia Advisory: SA28109 Secunia Advisory: SA28350 Secunia Advisory: SA28381 Secunia Advisory: SA28403 Secunia Advisory: SA28412 Secunia Advisory: SA28814 REDHAT http://www.redhat.com/support/errata/RHSA-2007-1130.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:002 GENTOO http://security.gentoo.org/glsa/glsa-200801-05.xml FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1482 CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=201209 http://www.squid-cache.org/Versions/v2/2.6/changesets/11780.patch http://www.squid-cache.org/Advisories/SQUID-2007_2.txt CERT-VN 232881 BID 26687

Return to the previous page.