The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or cause a denial of service (crash) via a crafted (1) ICMP or (2) ICMP6 packet size.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_version": "3.3.8-1ubuntu6.2", "binary_name": "squid" }, { "binary_version": "3.3.8-1ubuntu6.2", "binary_name": "squid-cgi" }, { "binary_version": "3.3.8-1ubuntu6.2", "binary_name": "squid-purge" }, { "binary_version": "3.3.8-1ubuntu6.2", "binary_name": "squid3" }, { "binary_version": "3.3.8-1ubuntu6.2", "binary_name": "squid3-common" }, { "binary_version": "3.3.8-1ubuntu6.2", "binary_name": "squid3-dbg" }, { "binary_version": "3.3.8-1ubuntu6.2", "binary_name": "squidclient" } ] }