CVE-2010-2951

Name of the Vulnerable Software and Affected Versions Squid version 3.1.6

Description The issue allows remote attackers to cause a denial of service, resulting in an assertion failure and daemon exit. This occurs when the dns internal.cc component accesses an invalid socket during an IPv4 TCP DNS query, specifically when IPv6 DNS resolution is not enabled. The attack vectors involve triggering an IPv4 DNS response with the TC bit set.

Recommendations For Squid version 3.1.6, consider updating to a newer version that addresses this issue, as the current version can be exploited to cause a denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.