CVE ID:	CVE-2010-3072
Description:	The string-comparison functions in String.cci in Squid 3.x before 3.1.8 and 3.2.x before 3.2.0.2 allow remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request.
Test IDs:	1.3.6.1.4.1.25623.1.0.68275   1.3.6.1.4.1.25623.1.0.68093   1.3.6.1.4.1.25623.1.0.68101   1.3.6.1.4.1.25623.1.0.100789   1.3.6.1.4.1.25623.1.0.69646
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3072 http://www.openwall.com/lists/oss-security/2010/09/05/2 http://www.openwall.com/lists/oss-security/2010/09/07/7 Debian Security Information: DSA-2111 (Google Search) http://www.debian.org/security/2010/dsa-2111 http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047787.html http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047820.html SuSE Security Announcement: SUSE-SR:2010:019 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html BugTraq ID: 42982 http://www.securityfocus.com/bid/42982 http://secunia.com/advisories/41298 http://secunia.com/advisories/41477 http://secunia.com/advisories/41534 http://www.vupen.com/english/advisories/2010/2433

New User Registration Email: UserID: Passwd: Please email me your monthly newsletters, informing the latest services, improvements & surveys. Please email me a vulnerability test announcement whenever a new test is added.     Privacy

Registered User Login   UserID:     Passwd:     Forgot userid or passwd? Email/Userid: