[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[linux-security] squid vulnerabilities: DoS attack, remote exploit

To: linux-security
Subject: [linux-security] squid vulnerabilities: DoS attack, remote exploit
From: Martin Siegert <siegert@sfu.ca>
Date: Wed, 27 Feb 2002 19:46:16 -0800
User-Agent: Mutt/1.2.5.1i

Topic
=====
vulnerabilities in squid allow DoS attack and remote exploit

Problem Description
===================
Squid is a high-performance proxy caching server.  Various security issues
have been found in Squid up to and including version 2.4.STABLE2.  These were:

- a memory leak in the SNMP code
- a crash on specially-formatted data in FTP URL parsing
- HTCP would still be active, even if it was disabled in the config file

The memory leak in the SNMP code allows a Denial of Service (DoS) attack
against the squid server. The buffer overflow in the ftp URL parsing code
could allow a remote exploit under the permissions of the user id of the
squid server.

Affected Systems
================
squid versions 2.x < squid-2.4.STABLE4

Solution
========
upgrade to squid-2.4.STABLE4 (or patched versions for your distribution)

RedHat 6.x
----------
rpm -Fvh squid-2.4.STABLE3-1.6.2.i386.rpm

RedHat 7.0
----------
rpm -Fvh squid-2.4.STABLE3-1.7.0.i386.rpm

RedHat 7.1
----------
rpm -Fvh squid-2.4.STABLE3-1.7.1.i386.rpm

RedHat 7.2
----------
rpm -Fvh squid-2.4.STABLE3-1.7.2.i386.rpm

Mandrake 7.x
------------
rpm -Fvh squid-2.4.STABLE4-1.5mdk.i586.rpm

Mandrake 8.0
------------
rpm -Fvh squid-2.4.STABLE4-1.6mdk.i586.rpm

Prev by Date: Re: [linux-security] Alert: multiple vulnerabilities in SNMP packages (Debian, Mandrake)
Next by Date: [linux-security] php remote exploit
Prev by thread: Re: [linux-security] php remote exploit (Debian)
Next by thread: [linux-security] Alert: multiple vulnerabilities in SNMP packages
Index(es):
- Date
- Thread