severity grave 696187 thanks On Mon, Dec 17, 2012 at 09:36:27PM +0200, Henri Salo wrote: > Package: squid-cgi > Version: 3.1.20-2 > Severity: important > Tags: security > > http://www.squid-cache.org/Advisories/SQUID-2012_1.txt > http://www.openwall.com/lists/oss-security/2012/12/17/3 > > Problem Description: > Due to missing input validation Squid cachemgr.cgi tool is > vulnerable to a denial of service attack when processing > specially crafted requests.
Note that the initial fix was incorrect: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0189 Cheers, Moritz -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]

