FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

squid -- FTP server response handling denial of service

Affected packages
squid < 2.5.11_3

Details

VuXML ID 1c3142a3-4ab2-11da-932d-00055d790c25
Discovery 2005-10-19
Entry 2005-11-01

A Secunia Advisory reports:

M.A.Young has reported a vulnerability in Squid, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in handling certain FTP server responses. This can be exploited to crash Squid by visiting a malicious FTP server via the proxy.

References

CVE Name CVE-2005-3258
URL http://secunia.com/advisories/17271/