| Description: | Description:
The remote host is missing an update to squid
announced via advisory TLSA-2005-24.
Squid is a high-performance proxy caching server for web clients,
supporting FTP, gopher and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single, non-blocking,
I/O-driven process.
Multiple vulnerabilities have been discovered in Squid:
- A buffer overflow vulnerability exists in the gopherToHTML function in
the Gopher reply parser.
- A integer overflow vulnerability exists in the WCCP message parsing code.
- Squid's squid_ldap_auth function allows remotely authenticated users
to bypass username-based Access Control Lists (ACLs) via a username
with a space at the beginning or end, which is ignored by the LDAP server.
- Squid may be susceptible to cache pollution via a HTTP reponse splitting
attack.
- The meaning of the access controls becomes somewhat confusing if any
of the referenced ACLs is declared empty, without any members.
- The length argument of the WCCP recvfrom() call is larger than it
should be. An attacker could send a larger-than-normal WCCP packet
and overflow the buffer.
These vulnerabilities could allow remote attackers to cause a denial of
service, possibly execute arbitrary code, and/or allow remote users to
bypass access control rules.
Solution: Please use the turbopkg (zabom) tool to apply the update.
http://www.securityspace.com/smysecure/catid.html?in=TLSA-2005-24
Risk factor : Critical
CVSS Score:
10.0
|
