PT-2007-2944 · Squid+1 · Squid+2

Published: 2007-03-21 · Updated: 2017-10-11 · CVE-2007-1560

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Squid versions prior to 2.6.STABLE12

Description

The issue is related to the clientProcessRequest() function, which can be exploited by remote attackers to cause a denial of service. This is achieved through crafted TRACE requests that trigger an assertion error, leading to a daemon crash.

Recommendations

For Squid versions prior to 2.6.STABLE12, update to version 2.6.STABLE12 or later to resolve the issue. As a temporary workaround, consider disabling the clientProcessRequest() function until a patch is available. Restrict access to the TRACE request method to minimize the risk of exploitation.
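
One way to restrict the TRACE method in squid.conf, shown as an added example that is not part of the original advisory. The ACL names `trace_method` and `localnet` are hypothetical, and the commented rules stand in for a site's existing policy.

```conf
# squid.conf fragment (added example; ACL names are hypothetical)

# Match any request whose HTTP method is TRACE.
acl trace_method method TRACE

# http_access rules are evaluated top to bottom and the first match wins,
# so this deny must appear before any "http_access allow" line.
http_access deny trace_method

# Existing site policy continues below, for example:
# http_access allow localnet
# http_access deny all
```

Check the file with `squid -k parse`, then apply it with `squid -k reconfigure`.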

Fix

Related Identifiers

CVE-2007-1560
RHSA-2007:0131
RHSA-2007_0131

Affected Products

Red Hat
Squid
Squid Cache