[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[linux-security] squid vulnerabilities: DoS attack, remote exploit



Topic
=====
vulnerabilities in squid allow DoS attack and remote exploit

Problem Description
===================
Squid is a high-performance proxy caching server.  Various security issues
have been found in Squid up to and including version 2.4.STABLE2.  These were:

- a memory leak in the SNMP code
- a crash on specially-formatted data in FTP URL parsing
- HTCP would still be active, even if it was disabled in the config file

The memory leak in the SNMP code allows a Denial of Service (DoS) attack
against the squid server. The buffer overflow in the ftp URL parsing code
could allow a remote exploit under the permissions of the user id of the
squid server.

Affected Systems
================
squid versions 2.x < squid-2.4.STABLE4

Solution
========
upgrade to squid-2.4.STABLE4 (or patched versions for your distribution)

RedHat 6.x
----------
rpm -Fvh squid-2.4.STABLE3-1.6.2.i386.rpm

RedHat 7.0
----------
rpm -Fvh squid-2.4.STABLE3-1.7.0.i386.rpm

RedHat 7.1
----------
rpm -Fvh squid-2.4.STABLE3-1.7.1.i386.rpm

RedHat 7.2
----------
rpm -Fvh squid-2.4.STABLE3-1.7.2.i386.rpm

Mandrake 7.x
------------
rpm -Fvh squid-2.4.STABLE4-1.5mdk.i586.rpm

Mandrake 8.0
------------
rpm -Fvh squid-2.4.STABLE4-1.6mdk.i586.rpm