FreeBSD Local Security Checks : FreeBSD Ports: squid

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.52208

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: squid

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: squid

CVE-2005-0174
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the
cache or conduct certain attacks via headers that do not follow the
HTTP specification, including (1) multiple Content-Length headers, (2)
carriage return (CR) characters that are not part of a CRLF pair, and
(3) header names containing whitespace characters.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-0174
BugTraq ID: 12412
http://www.securityfocus.com/bid/12412
Bugtraq: 20050207 [USN-77-1] Squid vulnerabilities (Google Search)
http://marc.info/?l=bugtraq&m=110780531820947&w=2
CERT/CC vulnerability note: VU#768702
http://www.kb.cert.org/vuls/id/768702
Conectiva Linux advisory: CLA-2005:931
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000931
http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html
http://fedoranews.org/updates/FEDORA--.shtml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:034
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10656
http://www.redhat.com/support/errata/RHSA-2005-060.html
http://www.redhat.com/support/errata/RHSA-2005-061.html
SuSE Security Announcement: SUSE-SA:2005:006 (Google Search)
http://www.novell.com/linux/security/advisories/2005_06_squid.html

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.52208
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: squid
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: squid CVE-2005-0174 Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters that are not part of a CRLF pair, and (3) header names containing whitespace characters. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0174 BugTraq ID: 12412 http://www.securityfocus.com/bid/12412 Bugtraq: 20050207 [USN-77-1] Squid vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=110780531820947&w=2 CERT/CC vulnerability note: VU#768702 http://www.kb.cert.org/vuls/id/768702 Conectiva Linux advisory: CLA-2005:931 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000931 http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html http://fedoranews.org/updates/FEDORA--.shtml http://www.mandriva.com/security/advisories?name=MDKSA-2005:034 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10656 http://www.redhat.com/support/errata/RHSA-2005-060.html http://www.redhat.com/support/errata/RHSA-2005-061.html SuSE Security Announcement: SUSE-SA:2005:006 (Google Search) http://www.novell.com/linux/security/advisories/2005_06_squid.html
Copyright	Copyright (C) 2008 E-Soft Inc.