Intrusion Prevention

Squid.Proxy.ESI.Response.Processing.DoS

Description

This indicates an attempt to exploit a Denial of Service vulnerability in Squid proxy.
The vulnerability is due to Edge Slides Includes (ESI) handling ESI response packets improperly. A remote attacker may be able to exploit this to cause a denial of service condition on the target via a crafted packet.

Affected Products

Squid Project Squid 3.x prior to 3.5.18
Squid Project Squid 4.x prior to 4.0.10

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Upgrade to the latest version, available from the website.
http://www.squid-cache.org/Advisories/SQUID-2016_9.txt