Test Kennung:	1.3.6.1.4.1.25623.1.0.53003
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: squid
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: squid CVE-2005-0446 Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure. CVE-2005-0096 Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory consumption). CVE-2005-0097 The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0446 BugTraq ID: 12551 http://www.securityfocus.com/bid/12551 Bugtraq: 20050221 [USN-84-1] Squid vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=110901183320453&w=2 Conectiva Linux advisory: CLA-2005:931 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000931 Debian Security Information: DSA-688 (Google Search) http://www.debian.org/security/2005/dsa-688 http://fedoranews.org/updates/FEDORA--.shtml http://www.gentoo.org/security/en/glsa/glsa-200502-25.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:047 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11264 http://www.redhat.com/support/errata/RHSA-2005-173.html http://www.redhat.com/support/errata/RHSA-2005-201.html http://secunia.com/advisories/14271 XForce ISS Database: squid-xstrndup-dos(19332) https://exchange.xforce.ibmcloud.com/vulnerabilities/19332 Common Vulnerability Exposure (CVE) ID: CVE-2005-0096 BugTraq ID: 12324 http://www.securityfocus.com/bid/12324 Conectiva Linux advisory: CLA-2005:923 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000923 http://security.gentoo.org/glsa/glsa-200501-25.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10233 http://www.redhat.com/support/errata/RHSA-2005-060.html http://www.redhat.com/support/errata/RHSA-2005-061.html http://securitytracker.com/id?1012818 SuSE Security Announcement: SUSE-SA:2005:006 (Google Search) http://www.novell.com/linux/security/advisories/2005_06_squid.html http://www.trustix.org/errata/2005/0003/ Common Vulnerability Exposure (CVE) ID: CVE-2005-0097 BugTraq ID: 12220 http://www.securityfocus.com/bid/12220 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11646 http://secunia.com/advisories/13789
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.