Squid · Squid · CVE-2010-0639
**Name of the Vulnerable Software and Affected Versions**
Squid versions 2.x prior to 2.6.STABLE24
Squid versions 2.7 prior to 2.7.STABLE8
Squid versions 3.0 prior to 3.0.STABLE24
**Description**
The issue allows remote attackers to cause a denial of service, resulting in a daemon crash due to a NULL pointer dereference. This is achieved by sending crafted packets to the HTCP port.
**Recommendations**
For Squid versions 2.x prior to 2.6.STABLE24, update to version 2.6.STABLE24 or later.
For Squid versions 2.7 prior to 2.7.STABLE8, update to version 2.7.STABLE8 or later.
For Squid versions 3.0 prior to 3.0.STABLE24, update to version 3.0.STABLE24 or later.