Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The strHdrAcptLangGetItem function in errorpage.cc in Squid 3.2.x before 3.2.9 and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a "," character in an Accept-Language header.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Squid ‘strHdrAcptLangGetItem()’拒绝服务漏洞
Vulnerability Description
Squid(全称Squid Cache)是一套代理服务器和Web缓存服务器软件。该软件提供缓存万维网、过滤流量、代理上网等功能。 Squid 3.2.9之前的3.2.x版本和3.3.3之前的3.3.x版本中的errorpage.cc文件中的‘strHdrAcptLangGetItem’函数中存在漏洞。远程攻击者可通过向Accept-Language头文件中插入‘,’字符,利用该漏洞导致拒绝服务(无限循环和CPU消耗)。
CVSS Information
N/A
Vulnerability Type
N/A