Squid CONNECT/SSL Miss_Access DoS Vulnerability

Squid CONNECT/SSL Miss_Access DoS Vulnerability

Squid Web Proxy Cache is a free, open source proxy server.

Under some circumstances Squid Web Proxy is prone to crashing. If a host is allowed by http_access but denied by miss_proxy, a condition occurs where Squid Web Proxy will crash if that host tries to make a connection.

If the circumstances for this vulnerability exist, it is possible for a remote attacker to exploit the condition.

The proxy server will need to be restarted to regain normal functionality.

Earlier versions may also be affected.