Due to incorrect data validation Squid is vulnerable to a denial of service attack when processing specially crafted DNS packets.
Squid still using the obsolete dnsserver are not vulnerable.
The ignore_unknown_nameservers option affects the severity of this vulnerability. When set to "on" (the default) risk is low. When …