|Bugzilla:||630444: CVE-2010-3072 Squid: Denial of service due internal error in string handling (SQUID-2010:3)|
The MITRE CVE dictionary describes this issue as:
The string-comparison functions in String.cci in Squid 3.x before 3.1.8 and 3.2.x before 220.127.116.11 allow remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request.
This issue did not affect the version of Squid as shipped with Red Hat Enterprise Linux 3, 4, or 5. It was corrected in Red Hat Enterprise Linux 6 via RHSA-2011:0545.
CVSS v2 metrics
|Access Vector:||Adjacent Network|
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat security errata
|Red Hat Enterprise Linux version 6 (squid)||RHSA-2011:0545||May 19, 2011|
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.