Signature Detail
Short Name |
HTTP:MISC:SQUID-DNS-REPLIES |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Squid DNS Replies Invalid Free |
Release Date |
2013/01/09 |
Update Number |
2223 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Squid DNS Replies Invalid Free
This signature detects attempts to exploit a known vulnerability against Squid while processing certain DNS replies. A successful attack can lead to arbitrary code execution.
Extended Description
Squid proxy caching server is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause an affected application to crash, denying service to legitimate users.
Affected Products
- Debian Linux 6.0 amd64
- Debian Linux 6.0 arm
- Debian Linux 6.0 ia-32
- Debian Linux 6.0 ia-64
- Debian Linux 6.0 mips
- Debian Linux 6.0 powerpc
- Debian Linux 6.0 s/390
- Debian Linux 6.0 sparc
- Mandriva Linux Mandrake 2011
- Mandriva Linux Mandrake 2011 x86_64
- Oracle Enterprise Linux 6
- Oracle Enterprise Linux 6.2
- Red Hat Enterprise Linux Server 6
- Red Hat Enterprise Linux Workstation 6
- Red Hat Fedora 14
- Red Hat Fedora 15
- Squid Web Proxy Cache 3.1.16
References
- BugTraq: 50449
- CVE: CVE-2011-4096