dns_internal.cc in Squid 3.1.6, when IPv6 DNS resolution is not enabled, accesses an invalid socket during an IPv4 TCP DNS query, which allows remote malicious users to cause a denial of service (assertion failure and daemon exit) via vectors that trigger an IPv4 DNS response with the TC bit set.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
squid-cache squid 3.1.6 |