Due to incorrect buffer management Squid cachemgr.cgi tool is vulnerable to a buffer overflow when processing remotely supplied inputs relayed to it from Squid.
This CVE is for an incomplete fix for CVE-2016-4051 as applied to squid packages in Red Hat Enterprise Linux 6, released via RHSA-2016:1138.
Upstream advisory for the original issue CVE-2016-4051:
Red Hat Enterprise Linux 6 erratum with the incomplete fix:
Name: Amos Jeffries (Squid)
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6
Via RHSA-2016:1573 https://rhn.redhat.com/errata/RHSA-2016-1573.html