[<prev] [next>] [day] [month] [year] [list]
Message-Id: <200712101017.25649.m.huter@phion.com>
Date: Mon, 10 Dec 2007 10:17:25 +0100
From: Martin Huter <m.huter@...on.com>
To: bugtraq@...urityfocus.com
Subject: squids ICAP implementation lacks a defer check when reading from ICAP server
squids ICAP implementation does not check mem-store size before reading from
an
ICAP-server.
If the user does not confirm browsers download-message-box, squid keeps on
reading data from the ICAP server into the memory store, whilst no more data
can be delivered to the client.
Thus the memory store is growing and squid may - in worst case - consume
memory
up to the size of the users download.
details and a patch can be found on
http://www.squid-cache.org/bugs/show_bug.cgi?id=2136
--
Martin Huter
Unit Manager
phion AG
Eduard-Bodem-Gasse 1
A-6020 Innsbruck
Tel: +43 (0) 508 100
Fax: +43 (0) 508 100 20
Mail: m.huter@...on.com
Web: http://www.phion.com
phion AG
Vorsitzender des Aufsichtsrates: Dr. Karl Lamprecht
Vorstand: Dr. Wieland Alge, Mag. Günter Klausner
Sitz der Gesellschaft: 6020 Innsbruck, Österreich
Handelsgericht Innsbruck Firmenbuch: 184392s
UID-Nr:: ATU47509003
Powered by blists - more mailing lists