This host is running Squid Proxy Server and is prone to denial of service vulnerability.

Successful exploitation could allow remote attackers to cause a denial of service via a crafted 'Accept-Language' header. Impact Level: Application

Upgrade to Squid Version 3.2.9, 3.3.3 or later, For updates refer to http://www.squid-cache.org/Download

Error within the 'strHdrAcptLangGetItem()' function in errorpage.cc when handling the 'Accept-Language' header.

Squid Version 3.2.x before 3.2.9 and 3.3.x before 3.3.3

Send crafted 'Accept-Language' header request and check is it vulnerable to DoS or not.

• http://osvdb.org/90910
• http://secunia.com/advisories/52588
• http://www.openwall.com/lists/oss-security/2013/03/11/7
• http://www.securityfocus.com/archive/1/525932/30/30/threaded
• http://www.squid-cache.org/Advisories/SQUID-2013_1.txt

---

Updated on 2015-03-25