Description
dns_internal.cc in Squid 3.1.6, when IPv6 DNS resolution is not enabled, accesses an invalid socket during an IPv4 TCP DNS query, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via vectors that trigger an IPv4 DNS response with the TC bit set.
Remediation
References
Related Vulnerabilities
SharePoint CVE-2022-41037 Vulnerability (CVE-2022-41037)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3387)
WordPress Plugin Social Sharing Toolkit Cross-Site Scripting (2.6)
Atlassian Confluence Incorrect Default Permissions Vulnerability (CVE-2017-9505)
WordPress Plugin Network Publisher 'networkpub_key' Parameter Cross-Site Scripting (5.0.1)