squid

• Author: kikadf
• Vulnerable: 3.1.19-1
• Unaffected: 3.1.19-2arcturus1

Squid3, a fully featured Web proxy cache, is prone to a denial of service attack due to memory consumption caused by memory leaks in cachemgr.cgi. Matthew Daley discovered that Squid 3 did not properly perform input validation in request parsing.

CVEs:

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5643
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0189
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3609