Your submission was sent successfully! Close

CVE-2014-7142

Published: 23 September 2014

The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size.

Priority

Low

Status

Package Release Status
squid
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

squid3
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [3.3.8-1ubuntu6.2])
Patches:
Upstream: http://bazaar.launchpad.net/~squid/squid/trunk/revision/13583 (trunk)
Upstream: http://bazaar.launchpad.net/~squid/squid/3.2/revision/11830 (3.2)