Intrusion PreventionSquid.Proxy.String.Processing.NULL.Pointer.Dereference.DoS
Description
This indicates an attack attempt against a denial-of-service vulnerability in the Squid Proxy Cache component.
The vulnerability is caused by an input validation error when the vulnerable software handles a specially crafted string sent in a request. It allows a remote attacker to cause a denial of service.
Affected Products
Squid Web Proxy Cache 3.1.5
Squid Web Proxy Cache 3.1.4
Squid Web Proxy Cache 3.0 PRE3
Squid Web Proxy Cache 3.0 PRE2
Squid Web Proxy Cache 3.0 PRE1
Squid Web Proxy Cache 3.0
Squid Web Proxy Cache 3.2.0.1
Squid Web Proxy Cache 3.2
Squid Web Proxy Cache 3.1.7
Squid Web Proxy Cache 3.1.6
Squid Web Proxy Cache 3.1.0.16
Squid Web Proxy Cache 3.1.0.15
Squid Web Proxy Cache 3.1.0.12
Squid Web Proxy Cache 3.1.0.11
Squid Web Proxy Cache 3.1
Squid Web Proxy Cache 3.0.STABLE7
Squid Web Proxy Cache 3.0.STABLE6
Squid Web Proxy Cache 3.0.STABLE5
Squid Web Proxy Cache 3.0.STABLE4
Squid Web Proxy Cache 3.0.STABLE3
Squid Web Proxy Cache 3.0.STABLE25
Squid Web Proxy Cache 3.0.STABLE24
Squid Web Proxy Cache 3.0.STABLE23
Squid Web Proxy Cache 3.0.STABLE22
Squid Web Proxy Cache 3.0.STABLE21
Squid Web Proxy Cache 3.0.STABLE2
Squid Web Proxy Cache 3.0.STABLE17
Squid Web Proxy Cache 3.0.STABLE16
Squid Web Proxy Cache 3.0.STABLE13
Squid Web Proxy Cache 3.0.STABLE12
Squid Web Proxy Cache 3.0.STABLE1
Impact
Denial of service
Recommended Actions
Upgrade to Squid version 3.1.8 or 3.2.0.2:
http://www.squid-cache.org
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 24691 |
| Created | Nov 02, 2010 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2010-3072 |
| Exploit Prediction Score | 95.65% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux, BSD, Solaris, MacOS |
| Affected App | Other |