The clientProcessRequest() function in src/client_side.c in Squid 2.6 before 2.6.STABLE12 allows remote attackers to cause a denial of service (daemon crash) via crafted TRACE requests that trigger an assertion error.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Squid | Squid | 2.6.stable1 (including) | 2.6.stable1 (including) |
Squid | Squid | 2.6.stable2 (including) | 2.6.stable2 (including) |
Squid | Squid | 2.6.stable3 (including) | 2.6.stable3 (including) |
Squid | Squid | 2.6.stable4 (including) | 2.6.stable4 (including) |
Squid | Squid | 2.6.stable5 (including) | 2.6.stable5 (including) |
Squid | Squid | 2.6.stable6 (including) | 2.6.stable6 (including) |
Squid | Squid | 2.6.stable7 (including) | 2.6.stable7 (including) |
Squid | Squid | 2.6.stable8 (including) | 2.6.stable8 (including) |
Squid | Squid | 2.6.stable9 (including) | 2.6.stable9 (including) |
Squid | Squid | 2.6.stable10 (including) | 2.6.stable10 (including) |
Squid | Squid | 2.6.stable11 (including) | 2.6.stable11 (including) |