severity grave 696187 
thanks

On Mon, Dec 17, 2012 at 09:36:27PM +0200, Henri Salo wrote:
> Package: squid-cgi
> Version: 3.1.20-2
> Severity: important
> Tags: security
> 
> http://www.squid-cache.org/Advisories/SQUID-2012_1.txt
> http://www.openwall.com/lists/oss-security/2012/12/17/3
> 
> Problem Description:
>  Due to missing input validation Squid cachemgr.cgi tool is
>  vulnerable to a denial of service attack when processing
>  specially crafted requests.

Note that the initial fix was incorrect:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0189

Cheers,
        Moritz


-- 
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to