Red Hat Bugzilla – Bug 1311584
squid: Multiple Denial of Service issues in HTTP Response processing
Last modified: 2016-03-02 10:12:22 EST
Due to incorrect bounds checking Squid is vulnerable to a denial of service attack when processing HTTP responses. Squid-4 is due to incorrect error handling vulnerable to a denial of service attack when processing malformed HTTP responses.
These problems allow remote servers delivering certain unusual HTTP response syntax to trigger a denial of service for all clients accessing the Squid service.
Created squid tracking bugs for this issue:
Affects: fedora-all [bug 1311585]
*** This bug has been marked as a duplicate of bug 1312257 ***