 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.51325 |
| Categoría: | Conectiva Local Security Checks |
| Título: | Conectiva Security Advisory CLA-2005:923 |
| Resumen: | NOSUMMARY |
| Descripción: | Description: The remote host is missing updates announced in advisory CLA-2005:923. Squid[1] is a full-featured web proxy cache. This announcement adds the following patches to Squid: 1.Empty ACLs[2] The meaning of the access controls becomes somewhat confusing if any of the referenced acls is declared empty, without any members. 2.Fakeauth_auth[3] The NTLM fakeauth_auth helper has a memory leak that may cause it to run out of memory under high load, or if it runs for a very long time. Additionally, a malformed NTLM type 3 message could cause a segmentation violation. 3.LDAP spaces[4] LDAP is very forgiving about spaces in search filters and this could be abused to log in using several variants of the login name, possibly bypassing explicit access controls or confusing accounting 4.Non blocking disk[5] O_NONBLOCK on disk files is not is not standardized, and results may be unexpected. Linux now starts to add O_NONBLOCK support on disk files but the implementation is not complete yet and this bites Squid. 5.Gopher html parsing[6] A malicious gopher server may return a response with very long lines that cause a buffer overflow in Squid. 6.WCCP denial of service[7] WCCP_I_SEE_YOU messages contain a 'number of caches' field which should be between 1 and 32. Values outside that range may crash Squid if WCCP is enabled, and if an attacker can spoof UDP packets with the WCCP router's IP address. 7.SNMP core dump[8] If certain malformed SNMP request is received Squid restarts with a Segmentation Fault error. Aditionally, this announcement increases the Squid's initscript timeout for waiting it to stop from 10 seconds to 35 seconds, avoiding problems with stuck connections. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://squid.nlanr.net/ http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-empty_acls http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-ldap_spaces http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-non_blocking_disk http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-gopher_html_parsing http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-wccp_denial_of_service http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE6-SNMP_core_dump http://www.securityspace.com/smysecure/catid.html?in=CLA-2005:923 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000923 Risk factor : High |
| Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |