CVE-2008-1612
CVE-2008-1612
The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows attackers to cause a denial of service (process exit) via unknown vectors that cause an array to shrink to 0 entries, which triggers an assert error. NOTE: this issue is due to an incorrect fix for CVE-2007-6239.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.htmlhttp://marc.info/?l=squid-announce&m=120614453813157&w=2http://secunia.com/advisories/27477http://secunia.com/advisories/29813http://secunia.com/advisories/30032http://secunia.com/advisories/32109http://secunia.com/advisories/34467http://security.gentoo.org/glsa/glsa-200903-38.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/41586https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11376https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00560.htmlhttp://www.debian.org/security/2008/dsa-1646