Conectiva Local Security Checks : Conectiva Security Advisory CLSA-2005:1016

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.55465

Categoría: Conectiva Local Security Checks

Título: Conectiva Security Advisory CLSA-2005:1016

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory CLSA-2005:1016.

CVE-2005-2794
store.c in Squid allows remote attackers to cause a denial of
service (application crash) via certain aborted requests that
trigger an assert error related to STORE_PENDING.

CVE-2005-2796
The sslConnectTimeout function in ssl.c for Squid allows remote
attackers to cause a denial of service (segmentation fault) via
certain crafted requests.

Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'

http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=001016
http://www.squid-cache.org/

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-2794
14761
http://www.securityfocus.com/bid/14761
16977
http://secunia.com/advisories/16977
17027
http://secunia.com/advisories/17027
DSA-809
http://www.debian.org/security/2005/dsa-809
FLSA-2006:152809
http://fedoranews.org/updates/FEDORA--.shtml
GLSA-200509-06
http://www.gentoo.org/security/en/glsa/glsa-200509-06.xml
MDKSA-2005:162
http://www.mandriva.com/security/advisories?name=MDKSA-2005:162
RHSA-2005:766
http://www.redhat.com/support/errata/RHSA-2005-766.html
SUSE-SA:2005:053
http://www.novell.com/linux/security/advisories/2005_53_squid.html
SUSE-SR:2005:021
http://www.novell.com/linux/security/advisories/2005_21_sr.html
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-STORE_PENDING
oval:org.mitre.oval:def:10276
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10276
Common Vulnerability Exposure (CVE) ID: CVE-2005-2796
1014846
http://securitytracker.com/id?1014846
14731
http://www.securityfocus.com/bid/14731
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-sslConnectTimeout
oval:org.mitre.oval:def:10522
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10522

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.55465
Categoría:	Conectiva Local Security Checks
Título:	Conectiva Security Advisory CLSA-2005:1016
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory CLSA-2005:1016. CVE-2005-2794 store.c in Squid allows remote attackers to cause a denial of service (application crash) via certain aborted requests that trigger an assert error related to STORE_PENDING. CVE-2005-2796 The sslConnectTimeout function in ssl.c for Squid allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=001016 http://www.squid-cache.org/ Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-2794 14761 http://www.securityfocus.com/bid/14761 16977 http://secunia.com/advisories/16977 17027 http://secunia.com/advisories/17027 DSA-809 http://www.debian.org/security/2005/dsa-809 FLSA-2006:152809 http://fedoranews.org/updates/FEDORA--.shtml GLSA-200509-06 http://www.gentoo.org/security/en/glsa/glsa-200509-06.xml MDKSA-2005:162 http://www.mandriva.com/security/advisories?name=MDKSA-2005:162 RHSA-2005:766 http://www.redhat.com/support/errata/RHSA-2005-766.html SUSE-SA:2005:053 http://www.novell.com/linux/security/advisories/2005_53_squid.html SUSE-SR:2005:021 http://www.novell.com/linux/security/advisories/2005_21_sr.html http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-STORE_PENDING oval:org.mitre.oval:def:10276 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10276 Common Vulnerability Exposure (CVE) ID: CVE-2005-2796 1014846 http://securitytracker.com/id?1014846 14731 http://www.securityfocus.com/bid/14731 http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-sslConnectTimeout oval:org.mitre.oval:def:10522 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10522
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com