Turbolinux Local Security Tests : Turbolinux TLSA-2007-17 (squid)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.58140

Categoría: Turbolinux Local Security Tests

Título: Turbolinux TLSA-2007-17 (squid)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to squid
announced via advisory TLSA-2007-17.

Squid is a high-performance proxy caching server for web clients,
supporting FTP, gopher and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single, non-blocking,
I/O-driven process.

Squid allows remote attackers to cause a denial of service (crash) via crafted FTP directory.
Squid allows remote attackers to cause a denial of service (crash) by causing a queue overload.

The vulnerability allows remote attackers to cause a denial of service.

Solution: Please use the turbopkg (zabom) tool to apply the update.
http://www.securityspace.com/smysecure/catid.html?in=TLSA-2007-17

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-0247
BugTraq ID: 22079
http://www.securityfocus.com/bid/22079
http://fedoranews.org/cms/node/2442
http://www.gentoo.org/security/en/glsa/glsa-200701-22.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:026
http://osvdb.org/39839
http://secunia.com/advisories/23767
http://secunia.com/advisories/23805
http://secunia.com/advisories/23810
http://secunia.com/advisories/23837
http://secunia.com/advisories/23889
http://secunia.com/advisories/23921
http://secunia.com/advisories/23946
SuSE Security Announcement: SUSE-SA:2007:012 (Google Search)
http://www.novell.com/linux/security/advisories/2007_12_squid.html
http://www.trustix.org/errata/2007/0003/
http://www.ubuntu.com/usn/usn-414-1
http://www.vupen.com/english/advisories/2007/0199
XForce ISS Database: squid-multiple-dos(31523)
https://exchange.xforce.ibmcloud.com/vulnerabilities/31523
Common Vulnerability Exposure (CVE) ID: CVE-2007-0248
BugTraq ID: 22203
http://www.securityfocus.com/bid/22203
XForce ISS Database: squid-externalacl-dos(31525)
https://exchange.xforce.ibmcloud.com/vulnerabilities/31525

Copyright Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.58140
Categoría:	Turbolinux Local Security Tests
Título:	Turbolinux TLSA-2007-17 (squid)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to squid announced via advisory TLSA-2007-17. Squid is a high-performance proxy caching server for web clients, supporting FTP, gopher and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid allows remote attackers to cause a denial of service (crash) via crafted FTP directory. Squid allows remote attackers to cause a denial of service (crash) by causing a queue overload. The vulnerability allows remote attackers to cause a denial of service. Solution: Please use the turbopkg (zabom) tool to apply the update. http://www.securityspace.com/smysecure/catid.html?in=TLSA-2007-17 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0247 BugTraq ID: 22079 http://www.securityfocus.com/bid/22079 http://fedoranews.org/cms/node/2442 http://www.gentoo.org/security/en/glsa/glsa-200701-22.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:026 http://osvdb.org/39839 http://secunia.com/advisories/23767 http://secunia.com/advisories/23805 http://secunia.com/advisories/23810 http://secunia.com/advisories/23837 http://secunia.com/advisories/23889 http://secunia.com/advisories/23921 http://secunia.com/advisories/23946 SuSE Security Announcement: SUSE-SA:2007:012 (Google Search) http://www.novell.com/linux/security/advisories/2007_12_squid.html http://www.trustix.org/errata/2007/0003/ http://www.ubuntu.com/usn/usn-414-1 http://www.vupen.com/english/advisories/2007/0199 XForce ISS Database: squid-multiple-dos(31523) https://exchange.xforce.ibmcloud.com/vulnerabilities/31523 Common Vulnerability Exposure (CVE) ID: CVE-2007-0248 BugTraq ID: 22203 http://www.securityfocus.com/bid/22203 XForce ISS Database: squid-externalacl-dos(31525) https://exchange.xforce.ibmcloud.com/vulnerabilities/31525
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com