Squid Proxy WCCP recvfrom() Buffer Overflow Vulnerability

The Squid proxy server is vulnerable to a remotely exploitable buffer-overflow vulnerability. The vulnerability resides in Squid's implementation of WCCP (Web Cache Communication Protocol), a UDP-based web cache management protocol. The condition is triggered when the server reads a packet that is larger than the buffer allocated to store it. This can occur because 'recvfrom()' is passed an incorrect value for its 'len' argument.
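The defect class described above and a bounded receive that avoids it, as an added example (not Squid's code and not part of the original advisory). PKT_MAX, recv_bounded() and demo() are hypothetical names, and a local socketpair stands in for the UDP socket.

```c
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

#define PKT_MAX 64   /* hypothetical largest valid message; not Squid's value */

/* Vulnerable pattern (shown only as a comment, never executed):
 *     char buf[PKT_MAX];
 *     recvfrom(fd, buf, SOME_LARGER_CONSTANT, 0, ...);   // len > sizeof(buf)
 * The kernel copies up to 'len' bytes, so a large datagram overruns buf.
 */

/* Bounded receive: 'len' is derived from the buffer itself, and the buffer
 * has one spare byte so an oversized datagram is detected and dropped rather
 * than silently truncated. Returns the payload length, or -1 on error,
 * oversized input, or a caller buffer that is too small. */
ssize_t recv_bounded(int fd, unsigned char *out, size_t out_size)
{
    unsigned char buf[PKT_MAX + 1];
    ssize_t n = recvfrom(fd, buf, sizeof(buf), 0, NULL, NULL);

    if (n < 0 || (size_t)n > PKT_MAX || (size_t)n > out_size)
        return -1;
    memcpy(out, buf, (size_t)n);
    return n;
}

/* Constructed harness: send a datagram of payload_len bytes over a local
 * socketpair and return what recv_bounded() reports for it. */
ssize_t demo(size_t payload_len)
{
    int sv[2];
    unsigned char payload[512], out[PKT_MAX];
    ssize_t n = -1;

    if (payload_len > sizeof(payload) ||
        socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) != 0)
        return -2;
    memset(payload, 'A', payload_len);
    if (send(sv[0], payload, payload_len, 0) == (ssize_t)payload_len)
        n = recv_bounded(sv[1], out, sizeof(out));
    close(sv[0]);
    close(sv[1]);
    return n;
}
```

Sizing the receive buffer one byte past the largest valid message lets the code distinguish a maximum-size datagram from an oversized one without platform-specific flags.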


 

Copyright 2010, SecurityFocus