Description
The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record.
Remediation
References
Related Vulnerabilities
WordPress Plugin Visual Form Builder Multiple Cross-Site Scripting Vulnerabilities (2.8.6)
WordPress Plugin All-in-One Custom Backgrounds Lite Unspecified Vulnerability (2.0.2)
WordPress Plugin Ajax Gallery 'list.php' SQL Injection (3.0)
WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Multiple Vulnerabilities (4.9.3)