Debian: DSA 576-1 Moderate: Squid Remote Access Security Update
debian
October 29, 2004
Several security vulnerabilities have been discovered in Squid, the internet object cache, the popular WWW proxy cache.
Topics Covered
Summary
Several security vulnerabilities have been discovered in Squid, the
internet object cache, the popular WWW proxy cache. The Common
Vulnerabilities and Exposures project identifies the following
problems:
CVE-1999-0710
It is possible to bypass access lists and scan arbitrary hosts and
ports in the network through cachemgr.cgi, which is installed by
default. This update disables this feature and introduces a
configuration file (/etc/squid/cachemgr.conf) to control
this behavier.
CAN-2004-0918
The asn_parse_header function (asn1.c) in the SNMP module for
Squid allows remote attackers to cause a denial of service via
certain SNMP packets with negative length fields that causes a
memory allocation error.
For the stable distribution (woody) these problems have been fixed in
version 2.4.6-2woody4.
For the unstable distribution (sid) these problems have been fixed in
version 2.5.7-1.
We recommend that you upgrade your squid package.
Upgrade Instructions
--------------------
...
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Package: squid
CVE ID: CVE-1999-0710 CAN-2004-0918
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!