The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Squid | Squid-cache | * | 3.1.15 (including) |
| Squid | Squid-cache | 3.0 (including) | 3.0 (including) |
| Squid | Squid-cache | 3.0-rc1 (including) | 3.0-rc1 (including) |
| Squid | Squid-cache | 3.0-rc4 (including) | 3.0-rc4 (including) |
| Squid | Squid-cache | 3.0.stable1 (including) | 3.0.stable1 (including) |
| Squid | Squid-cache | 3.0.stable2 (including) | 3.0.stable2 (including) |
| Squid | Squid-cache | 3.0.stable3 (including) | 3.0.stable3 (including) |
| Squid | Squid-cache | 3.0.stable4 (including) | 3.0.stable4 (including) |
| Squid | Squid-cache | 3.0.stable5 (including) | 3.0.stable5 (including) |
| Squid | Squid-cache | 3.0.stable6 (including) | 3.0.stable6 (including) |
| Squid | Squid-cache | 3.0.stable7 (including) | 3.0.stable7 (including) |
| Squid | Squid-cache | 3.0.stable8 (including) | 3.0.stable8 (including) |
| Squid | Squid-cache | 3.0.stable9 (including) | 3.0.stable9 (including) |
| Squid | Squid-cache | 3.0.stable10 (including) | 3.0.stable10 (including) |
| Squid | Squid-cache | 3.0.stable11 (including) | 3.0.stable11 (including) |
| Squid | Squid-cache | 3.0.stable11-rc1 (including) | 3.0.stable11-rc1 (including) |
| Squid | Squid-cache | 3.0.stable12 (including) | 3.0.stable12 (including) |
| Squid | Squid-cache | 3.0.stable13 (including) | 3.0.stable13 (including) |
| Squid | Squid-cache | 3.0.stable14 (including) | 3.0.stable14 (including) |
| Squid | Squid-cache | 3.0.stable15 (including) | 3.0.stable15 (including) |
| Squid | Squid-cache | 3.0.stable16 (including) | 3.0.stable16 (including) |
| Squid | Squid-cache | 3.0.stable16-rc1 (including) | 3.0.stable16-rc1 (including) |
| Squid | Squid-cache | 3.0.stable17 (including) | 3.0.stable17 (including) |
| Squid | Squid-cache | 3.0.stable18 (including) | 3.0.stable18 (including) |
| Squid | Squid-cache | 3.0.stable19 (including) | 3.0.stable19 (including) |
| Squid | Squid-cache | 3.0.stable20 (including) | 3.0.stable20 (including) |
| Squid | Squid-cache | 3.0.stable21 (including) | 3.0.stable21 (including) |
| Squid | Squid-cache | 3.0.stable22 (including) | 3.0.stable22 (including) |
| Squid | Squid-cache | 3.0.stable23 (including) | 3.0.stable23 (including) |
| Squid | Squid-cache | 3.0.stable24 (including) | 3.0.stable24 (including) |
| Squid | Squid-cache | 3.0.stable25 (including) | 3.0.stable25 (including) |
| Squid | Squid-cache | 3.1 (including) | 3.1 (including) |
| Squid | Squid-cache | 3.1.0.1 (including) | 3.1.0.1 (including) |
| Squid | Squid-cache | 3.1.0.2 (including) | 3.1.0.2 (including) |
| Squid | Squid-cache | 3.1.0.3 (including) | 3.1.0.3 (including) |
| Squid | Squid-cache | 3.1.0.4 (including) | 3.1.0.4 (including) |
| Squid | Squid-cache | 3.1.0.5 (including) | 3.1.0.5 (including) |
| Squid | Squid-cache | 3.1.0.6 (including) | 3.1.0.6 (including) |
| Squid | Squid-cache | 3.1.0.7 (including) | 3.1.0.7 (including) |
| Squid | Squid-cache | 3.1.0.8 (including) | 3.1.0.8 (including) |
| Squid | Squid-cache | 3.1.0.9 (including) | 3.1.0.9 (including) |
| Squid | Squid-cache | 3.1.0.10 (including) | 3.1.0.10 (including) |
| Squid | Squid-cache | 3.1.0.11 (including) | 3.1.0.11 (including) |
| Squid | Squid-cache | 3.1.0.12 (including) | 3.1.0.12 (including) |
| Squid | Squid-cache | 3.1.0.13 (including) | 3.1.0.13 (including) |
| Squid | Squid-cache | 3.1.0.14 (including) | 3.1.0.14 (including) |
| Squid | Squid-cache | 3.1.0.15 (including) | 3.1.0.15 (including) |
| Squid | Squid-cache | 3.1.0.16 (including) | 3.1.0.16 (including) |
| Squid | Squid-cache | 3.1.0.17 (including) | 3.1.0.17 (including) |
| Squid | Squid-cache | 3.1.0.18 (including) | 3.1.0.18 (including) |
| Squid | Squid-cache | 3.1.1 (including) | 3.1.1 (including) |
| Squid | Squid-cache | 3.1.2 (including) | 3.1.2 (including) |
| Squid | Squid-cache | 3.1.3 (including) | 3.1.3 (including) |
| Squid | Squid-cache | 3.1.4 (including) | 3.1.4 (including) |
| Squid | Squid-cache | 3.1.5 (including) | 3.1.5 (including) |
| Squid | Squid-cache | 3.1.5.1 (including) | 3.1.5.1 (including) |
| Squid | Squid-cache | 3.1.6 (including) | 3.1.6 (including) |
| Squid | Squid-cache | 3.1.7 (including) | 3.1.7 (including) |
| Squid | Squid-cache | 3.1.8 (including) | 3.1.8 (including) |
| Squid | Squid-cache | 3.1.9 (including) | 3.1.9 (including) |
| Squid | Squid-cache | 3.1.10 (including) | 3.1.10 (including) |
| Squid | Squid-cache | 3.1.11 (including) | 3.1.11 (including) |
| Squid | Squid-cache | 3.1.12 (including) | 3.1.12 (including) |
| Squid | Squid-cache | 3.1.13 (including) | 3.1.13 (including) |
| Squid | Squid-cache | 3.1.14 (including) | 3.1.14 (including) |
| Red Hat Enterprise Linux 6 | RedHat | squid-7:3.1.10-1.el6_2.1 | * |
| Squid3 | Ubuntu | maverick | * |
| Squid3 | Ubuntu | natty | * |
| Squid3 | Ubuntu | oneiric | * |
| Squid3 | Ubuntu | upstream | * |