Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Squid Resource Management Errors Vulnerability (CVE-2011-4096)

Description

The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record.

Remediation

References

Related Vulnerabilities

phpMyAdmin CVE-2017-18264 Vulnerability (CVE-2017-18264)

Plone CMS Other Vulnerability (CVE-2006-4247)

Apache Tomcat Other Vulnerability (CVE-2000-0672)

WordPress Plugin QIWI payment module for Woocommerce Cross-Site Scripting (0.0.9)

math.js Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2017-1001002)

Severity

Medium

Classification

CVE-2011-4096

Tags

Missing Update Known Vulnerabilities