CVE-2010-0639

Name of the Vulnerable Software and Affected Versions Squid versions 2.x prior to 2.6.STABLE24 Squid versions 2.7 prior to 2.7.STABLE8 Squid versions 3.0 prior to 3.0.STABLE24

Description The issue allows remote attackers to cause a denial of service, resulting in a daemon crash due to a NULL pointer dereference. This is achieved by sending crafted packets to the HTCP port.

Recommendations For Squid versions 2.x prior to 2.6.STABLE24, update to version 2.6.STABLE24 or later. For Squid versions 2.7 prior to 2.7.STABLE8, update to version 2.7.STABLE8 or later. For Squid versions 3.0 prior to 3.0.STABLE24, update to version 3.0.STABLE24 or later.