Squid.Proxy.Response.Processing.ESICustomParser.DoS
Description
This indicates an attack attempt to exploit a Denial Of Service Vulnerability in Squid proxy.
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted ESI response. An attacker can exploit this to cause a denial of service condition on the affected machine via a crafted ESI response.
Affected Products
Squid Project Squid 3.x up to 3.5.27
Squid Project Squid 4.x prior to 4.0.23
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor:
http://www.squid-cache.org/Advisories/SQUID-2018_1.txt
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |