Your submission was sent successfully! Close

CVE-2014-7141

Published: 23 September 2014

The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (out-of-bounds read and crash) via a crafted type in an (1) ICMP or (2) ICMP6 packet.

Priority

Low

Status

Package Release Status
squid
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

squid3
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [3.3.8-1ubuntu6.2])
Patches:
Upstream: http://bazaar.launchpad.net/~squid/squid/trunk/revision/13583 (trunk)
Upstream: http://bazaar.launchpad.net/~squid/squid/3.2/revision/11830 (3.2)