Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Ubuntu 6.10: USN-441-1 Critical: Squid Denial Of Service Attack

Calendar Mar 26, 2007 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory denial of service critical Ubuntu Squid TRACE request
A flaw was discovered in Squid's handling of the TRACE request method which could lead to a crash. Remote attackers with access to the Squid server could send malicious TRACE requests, and cause a denial of service. 
=========================================================== 
Ubuntu Security Notice USN-441-1             March 26, 2007
squid vulnerability
CVE-2007-1560
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 6.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.10:
  squid-common                             2.6.1-3ubuntu1.3

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

A flaw was discovered in Squid's handling of the TRACE request method 
which could lead to a crash.  Remote attackers with access to the Squid 
server could send malicious TRACE requests, and cause a denial of 
service.


Updated packages for Ubuntu 6.10:

  Source archives:

          Size/MD5:   250876 1cdb68f572905a658332626bf5c82e0d
          Size/MD5:      675 68ea342ede9e0884bd9322f506d5e853
          Size/MD5:  1593236 5035d9cc90e8033e4eac232ce19a665f

  Architecture independent packages:

          Size/MD5:   415788 177a7816bf2c86a023f5c7430d347c51

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

          Size/MD5:   109486 82e54a172321ef88adb4adbe9c5aa280
          Size/MD5:   678350 49dedf891d3278a315c883b77a772863
          Size/MD5:    82004 8531f4aace8da06140b083a3a45d222c

  i386 architecture (x86 compatible Intel/AMD)

          Size/MD5:   108662 a0ecd2ae24f41f65d8140cd0ab5589c0
          Size/MD5:   609310 132f8fdc740c9ef37240a3e52fb9eb2e
          Size/MD5:    81248 33e11dee2c379ca822086590757b44b4

  powerpc architecture (Apple Macintosh G3/G4/G5)

          Size/MD5:   109314 b01d5dae4d047d685eecf9d4a38fa444
          Size/MD5:   683102 da2e3182544065eff0d5f1a2a2e5757f
          Size/MD5:    81936 77d439db8784d924e45e55a95e1faf7f

  sparc architecture (Sun SPARC/UltraSPARC)

          Size/MD5:   108928 f0335d3acb4695bb7cef62ca6d49cfda
          Size/MD5:   635674 91801712e36e9acac7b1e749b8cfbb39
          Size/MD5:    82300 16d95a56a9e55d1b0b3ec8af5e01e43f

Ubuntu 6.10: USN-441-1 Critical: Squid Denial Of Service Attack

ubuntu
Calendar Grey March 26, 2007
Dist Ubuntu Esm H88
Ubuntu Security Notice USN-441-1 March 26, 2007 squid vulnerability CVE-2007-1560 A security issue a
A flaw was discovered in Squid's handling of the TRACE request method which could lead to a crash

Summary

Topics%20covered

Topics Covered

security advisory denial of service critical Ubuntu Squid TRACE request

Update Instructions

References

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-441-1 March 26, 2007

Topics%20covered

Topics Covered

security advisory denial of service critical Ubuntu Squid TRACE request

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here