CVE-2007-0247

Name of the Vulnerable Software and Affected Versions Squid versions prior to 2.6.STABLE7

Description The issue concerns multiple vulnerabilities in the Squid package that can lead to a disruption in the availability of protected information. These vulnerabilities can be exploited remotely, potentially causing a denial of service. Specifically, the ftpListingFinish and ftpHtmlifyListEntry functions in squid/src/ftp.c are affected, allowing remote FTP servers to cause a core dump via crafted FTP directory listing responses.

Recommendations For Squid versions prior to 2.6.STABLE7, update to version 2.6.STABLE7 or later to resolve the issue. As a temporary workaround, consider restricting access to the ftpListingFinish and ftpHtmlifyListEntry functions until a patch is available.