Description
dns_internal.cc in Squid 3.1.6, when IPv6 DNS resolution is not enabled, accesses an invalid socket during an IPv4 TCP DNS query, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via vectors that trigger an IPv4 DNS response with the TC bit set.
Remediation
References
Related Vulnerabilities
TYPO3 Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-36104)
WordPress Plugin Change WordPress Login Logo Cross-Site Scripting (1.1.4)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7846)
Mailman Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2021-42096)