VULHUB ™

A buffer overflow exists in the Squid proxy server's FTP URL handling. If a user has the ability to use the Squid process to proxy FTP requests, it may be possible for the user make a malicious request. By sending a custom-crafted ftp:// URL through the squid proxy, it is possible to crash the server, requiring manual restart to resume normal operation. This problem could also be exploited to allow the execution of code with the privileges of the Squid process, typically 'nobody'.

A buffer overflow exists in the Squid proxy server's FTP URL handling. If a user has the ability to use the Squid process to proxy FTP requests, it may be possible for the user make a malicious request. By sending a custom-crafted ftp:// URL through the squid proxy, it is possible to crash the server, requiring manual restart to resume normal operation. This problem could also be exploited to allow the execution of code with the privileges of the Squid process, typically 'nobody'.