Red Hat, Inc. Security Advisory

Package:     squid
Synopsis:    Potential misuse of squid cachemgr.cgi
Advisory ID: RHSA-1999:025-01
Issue Date:  1999-07-29
Keywords:    squid cachemgr.cgi connect

1. Topic:

cachemgr.cgi, the manager interface to Squid, is installed by default in /home/httpd/cgi-bin. If a web server (such as apache) is running, this can allow remote users to send connect() requests from the local machine to arbitrary hosts and ports.

2. Bug IDs fixed:

3. Relevant releases/architectures:

Red Hat Linux 6.0, all architectures

4. Obsoleted by:

None

5. Conflicts with:

None

6. RPMs required:

Intel:
squid-2.2.STABLE4-5.i386.rpm

Alpha:
squid-2.2.STABLE4-5.alpha.rpm

SPARC:
squid-2.2.STABLE4-5.sparc.rpm

Source:
squid-2.2.STABLE4-5.src.rpm

7. Problem description:

A remote user could enter a hostname/IP address and port number, and the cachemgr CGI would attempt to connect to that host and port, printing the error if it fails.

8. Solution:

For each RPM for your particular architecture, run:

rpm -Uvh filename

where filename is the name of the RPM.

Alternatively, you can simply disable cachemgr.cgi by editing your HTTP daemon's access control files or by deleting/moving the cachemgr.cgi binary.

After installing the RPM, please restart squid by typing:

/etc/rc.d/init.d/squid restart

9. Verification:

MD5 sum                           Package Name
-------------------------------------------------------------------------
80d527634fc8d8d2029532a628b3d924  squid-2.2.STABLE4-5.i386.rpm
65d18747148d7e3dae4249fe65c18c6b  squid-2.2.STABLE4-5.alpha.rpm
734f84b949752fe39b5e58555210ff51  squid-2.2.STABLE4-5.sparc.rpm
02a93b0b1985f8d5c77eb8f3e8981eeb  squid-2.2.STABLE4-5.src.rpm

These packages are also PGP signed by Red Hat Inc. for security.
Our key is available at:

You can verify each package with the following command:

rpm --checksig filename

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

rpm --checksig --nopgp filename

10. References:

Severity: Critical
LinuxSecurity.com Team
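The verification step above lists the MD5 sums of the fixed packages and tells the administrator to check them before running rpm -Uvh. The following script is an added example, not part of the Red Hat advisory or of LinuxSecurity.com's text: it embeds the four sums from section 9, checks a downloaded RPM against the sum listed for its file name, and only hands the files to rpm -Uvh (followed by the squid restart from section 8) when every package verifies. It assumes GNU coreutils md5sum is available; the function names and the install_verified wrapper are this example's own.

```shell
#!/bin/sh
# Added example (not from the advisory): verify downloaded RPMs against the
# MD5 sums published in RHSA-1999:025-01 before installing them.
# Assumes GNU coreutils md5sum. The sums below are copied from section 9.

EXPECTED_SUMS='
80d527634fc8d8d2029532a628b3d924 squid-2.2.STABLE4-5.i386.rpm
65d18747148d7e3dae4249fe65c18c6b squid-2.2.STABLE4-5.alpha.rpm
734f84b949752fe39b5e58555210ff51 squid-2.2.STABLE4-5.sparc.rpm
02a93b0b1985f8d5c77eb8f3e8981eeb squid-2.2.STABLE4-5.src.rpm
'

# md5_of FILE -> prints the hex MD5 digest of FILE
md5_of() {
    md5sum "$1" | awk '{print $1}'
}

# expected_sum NAME -> prints the advisory's digest for package NAME,
# or nothing if NAME is not one of the four listed packages
expected_sum() {
    printf '%s\n' "$EXPECTED_SUMS" | awk -v n="$1" '$2 == n {print $1}'
}

# verify_rpm PATH -> returns 0 if the file's MD5 matches the advisory's
# entry for its base name, 1 if it is unlisted or the digest differs
verify_rpm() {
    name=$(basename "$1")
    want=$(expected_sum "$name")
    if [ -z "$want" ]; then
        echo "$name: not listed in RHSA-1999:025-01" >&2
        return 1
    fi
    have=$(md5_of "$1")
    if [ "$have" = "$want" ]; then
        echo "$name: OK"
        return 0
    fi
    echo "$name: MISMATCH (have $have, want $want)" >&2
    return 1
}

# install_verified RPM... -> refuses to run rpm -Uvh unless every file
# verifies; on success installs them and restarts squid as section 8 says
install_verified() {
    for f in "$@"; do
        verify_rpm "$f" || return 1
    done
    rpm -Uvh "$@" && /etc/rc.d/init.d/squid restart
}

# Usage: sh verify-squid.sh squid-2.2.STABLE4-5.i386.rpm
if [ "$#" -gt 0 ]; then
    install_verified "$@"
fi
```

Matching on the base name means a file that merely carries one of the advertised names but has different contents is rejected, which is the case the MD5 table exists to catch; rpm --checksig with the PGP signature remains the stronger check when Red Hat's key is installed, since an MD5 sum taken from the same web page as the package does not by itself prove origin.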