CVE-2007-6239
Publication date 4 December 2007
Last updated 24 July 2024
Ubuntu priority
The “cache update reply processing” functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects.
Status
Package | Ubuntu Release | Status |
---|---|---|
squid | 7.10 gutsy |
Fixed 2.6.14-1ubuntu2.1
|
7.04 feisty |
Fixed 2.6.5-4ubuntu2.1
|
|
6.10 edgy |
Fixed 2.6.1-3ubuntu1.5
|
|
6.06 LTS dapper |
Fixed 2.5.12-4ubuntu2.3
|
|
squid3 | 7.10 gutsy |
Fixed 3.0.PRE6-1ubuntu0.1
|
7.04 feisty |
Fixed 3.0.PRE5-5ubuntu0.1
|
|
6.10 edgy | Not in release | |
6.06 LTS dapper | Not in release |
References
Related Ubuntu Security Notices (USN)
- USN-565-1
- Squid vulnerability
- 9 January 2008