FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

squid -- Possible Denial Of Service Vulnerability in store.c

Affected packages
squid < 2.5.10_5

Details

VuXML ID 0c0dc409-1c5e-11da-92ce-0048543d60ce
Discovery 2005-08-02
Entry 2005-09-04
Modified 2005-10-02

The squid patches page notes:

Squid crashes with the above assertion failure [assertion failed: store.c:523: "e->store_status == STORE_PENDING"] in certain conditions involving aborted requests.

References

Bugtraq ID 14761
CVE Name CVE-2005-2794
URL http://secunia.com/advisories/16708/
URL http://www.squid-cache.org/bugs/show_bug.cgi?id=1368
URL http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-STORE_PENDING