5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.179 Low
EPSS
Percentile
96.2%
CentOS Errata and Security Advisory CESA-2007:1130-04
Squid is a high-performance proxy caching server for Web clients,
supporting FTP, gopher, and HTTP data objects.
A flaw was found in the way squid stored HTTP headers for cached objects
in system memory. An attacker could cause squid to use additional memory,
and trigger high CPU usage when processing requests for certain cached
objects, possibly leading to a denial of service. (CVE-2007-6239)
Users of squid are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-January/076743.html
Affected packages:
squid
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 2 | i386 | squid | <Β 2.4.STABLE7-1.21as.11 | squid-2.4.STABLE7-1.21as.11.i386.rpm |