Description
dns_internal.cc in Squid 3.1.6, when IPv6 DNS resolution is not enabled, accesses an invalid socket during an IPv4 TCP DNS query, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via vectors that trigger an IPv4 DNS response with the TC bit set.
Remediation
References
Related Vulnerabilities
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-6830)
Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.23)
WordPress Plugin TDO Mini Forms Arbitrary File Upload (0.13.9)
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-5876)