{
  "details" : [ "The clientAbortBody function in client_side.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors that trigger a null dereference.  NOTE: in a followup advisory, a researcher claimed that the issue was a buffer overflow that was not fixed in STABLE6. However, the vendor's bug report clearly shows that the researcher later retracted this claim, because the tested product was actually STABLE5." ],
  "statement" : "Not vulnerable.  This issue only affected 2.5 STABLE4 and 2.5 STABLE5 versions of Squid and does not affect the versions of Squid distributed with Red Hat Enterprise Linux.",
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2004-2654\nhttps://nvd.nist.gov/vuln/detail/CVE-2004-2654" ],
  "name" : "CVE-2004-2654",
  "csaw" : false
}