An issue exists in Squid prior to 4.15 and 5.x prior to 5.0.6. Due to an input-validation bug, it is vulnerable to a Denial of Service attack (against all clients using the proxy). A client sends an HTTP Range request to trigger this.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
squid-cache squid |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
netapp cloud manager - |
||
fedoraproject fedora 33 |
||
fedoraproject fedora 34 |