Related Vulnerabilities: CVE-2019-12521  

Severity High

Remote Yes

Type Content spoofing

Description

A heap-based out-of-bounds write has been found in Squid before 4.11 and 5.0.2. A crafted Edge Side Includes (ESI) response sent from an upstream server can truncate portions of generated payloads, poisoning the HTTP response cache with corrupted objects. On systems with heap overflow protection, the overflow will shut down the proxy, causing a denial of service for all clients accessing the Squid service.
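The one-paragraph description does not show the shape of the defect, so a constructed C model is added here. It is not Squid's code and nothing in it is taken from the Squid source or patch: it assumes a fixed-capacity stack of parsed ESI element tags (the capacity, the tag names and the extra "neighbour" slot are all assumptions) and models the out-of-bounds write as an off-by-one bounds check, shown beside the corrected check. The slot one past the end of the stack stands in for whatever the allocator placed next on the heap; in a real proxy that corruption is what heap-overflow protection in the allocator detects and aborts on, which is the denial of service the description mentions, while an undetected write is the silent corruption that ends up in cached objects.

```c
/* Constructed model of the bug class behind CVE-2019-12521: an out-of-bounds
 * write past a fixed-capacity stack of parsed ESI elements, modelled as an
 * off-by-one bounds check beside the corrected one. Added example, not Squid's
 * code: the structure, capacity, tag names and neighbour slot are assumptions. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_ELEMENTS 4   /* assumed capacity of the element stack */

typedef struct {
    /* slots[0..MAX_ELEMENTS-1] hold the element stack. slots[MAX_ELEMENTS]
     * stands in for the adjacent heap object, so the overflow stays well
     * defined in this model while remaining observable. */
    const char *slots[MAX_ELEMENTS + 1];
    size_t count;
} ElementStack;

#define NEIGHBOR_SLOT MAX_ELEMENTS
static const char NEIGHBOR_DATA[] = "adjacent heap object";

typedef bool (*push_fn)(ElementStack *, const char *);

static void stack_init(ElementStack *s) {
    memset(s, 0, sizeof *s);
    s->slots[NEIGHBOR_SLOT] = NEIGHBOR_DATA;
}

/* Off-by-one: still accepts a push when count == MAX_ELEMENTS, so the write
 * lands one past the end of the stack, in the neighbour slot. */
static bool push_vulnerable(ElementStack *s, const char *tag) {
    if (s->count > MAX_ELEMENTS)
        return false;
    s->slots[s->count++] = tag;
    return true;
}

/* Corrected: refuse the push once the stack is full. */
static bool push_fixed(ElementStack *s, const char *tag) {
    if (s->count >= MAX_ELEMENTS)
        return false;
    s->slots[s->count++] = tag;
    return true;
}

/* True while the modelled neighbouring heap object is untouched. */
static bool neighbor_intact(const ElementStack *s) {
    return s->slots[NEIGHBOR_SLOT] == NEIGHBOR_DATA;
}

/* Constructed input: one more nesting level than the stack can hold, as an
 * upstream server controlling the ESI response could supply. */
static const char *const DEEP_NESTING[] = {
    "esi:try", "esi:attempt", "esi:choose", "esi:when", "esi:include"
};
#define DEEP_NESTING_LEN (sizeof DEEP_NESTING / sizeof DEEP_NESTING[0])

/* Push every opening tag in order (as a parser descending into nested
 * elements would) and return how many pushes were accepted. */
static size_t accepted_with(push_fn push) {
    ElementStack s;
    stack_init(&s);
    size_t accepted = 0;
    for (size_t i = 0; i < DEEP_NESTING_LEN; i++)
        if (push(&s, DEEP_NESTING[i]))
            accepted++;
    return accepted;
}

/* Run the same input and report whether the neighbour survived. */
static bool neighbor_survives(push_fn push) {
    ElementStack s;
    stack_init(&s);
    for (size_t i = 0; i < DEEP_NESTING_LEN; i++)
        push(&s, DEEP_NESTING[i]);
    return neighbor_intact(&s);
}

int main(void) {
    printf("vulnerable check: accepted %zu of %zu, neighbour %s\n",
           accepted_with(push_vulnerable), (size_t)DEEP_NESTING_LEN,
           neighbor_survives(push_vulnerable) ? "intact" : "OVERWRITTEN");
    printf("fixed check:      accepted %zu of %zu, neighbour %s\n",
           accepted_with(push_fixed), (size_t)DEEP_NESTING_LEN,
           neighbor_survives(push_fixed) ? "intact" : "OVERWRITTEN");
    return 0;
}
```

The vulnerable check accepts all five tags and overwrites the neighbour; the corrected check stops at four and leaves it untouched. The point to carry over to reviews of real parsers is that the capacity comparison must be `>=` against the number of slots already in use, and that a fuzzed nesting depth one past the limit is the test that exposes the difference.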

Group AVG-1146

Package squid

Affected 4.10-1

Severity Critical

Status Vulnerable

References

http://www.squid-cache.org/Advisories/SQUID-2019_12.txt
http://www.squid-cache.org/Versions/v4/changesets/squid-4-fdd4123629320aa1ee4c3481bb392437c90d188d.patch