oss-sec mailing list archives
CVE Request -- Squid -- SQUID-2010_1.txt
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Mon, 01 Feb 2010 11:54:37 +0100
Hi Josh, Steve, vendors, Squid upstream has released updated versions fixing DoS when processing specially crafted DNS packets [1]. From the upstream advisory: "This problem allows any trusted client or external server who can determine the squid receiving port to perform a short-term denial of service attack on the Squid service." Could you allocate a CVE id for this? (can't find one in SQUID-2010_1.txt). Thanks && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team [1] http://www.squid-cache.org/Advisories/SQUID-2010_1.txt
Current thread:
- CVE Request -- Squid -- SQUID-2010_1.txt Jan Lieskovsky (Feb 01)
- <Possible follow-ups>
- Re: CVE Request -- Squid -- SQUID-2010_1.txt Josh Bressers (Feb 01)