ID de Prueba:	1.3.6.1.4.1.25623.1.0.800460
Categoría:	Denial of Service
Título:	Squid 'lib/rfc1035.c' DoS Vulnerability (SQUID-2010:1)
Resumen:	Squid is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: Squid is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaw is due to error in 'lib/rfc1035.c' when, processing crafted DNS packet that only contains a header. Vulnerability Impact: Successful exploitation could allow remote attackers to cause a denial of service via a crafted auth header. Affected Software/OS: Squid versions 2.x, 3.0 through 3.0.STABLE22 and 3.1 through 3.1.0.15. Solution: Apply patches from the references or upgrade to version 3.0.STABLE23, 3.1.0.16 or later. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0308 1023520 http://www.securitytracker.com/id?1023520 37522 http://www.securityfocus.com/bid/37522 38451 http://secunia.com/advisories/38451 38455 http://secunia.com/advisories/38455 62044 http://osvdb.org/62044 ADV-2010-0260 http://www.vupen.com/english/advisories/2010/0260 http://events.ccc.de/congress/2009/Fahrplan/attachments/1483_26c3_ipv4_fuckups.pdf http://www.squid-cache.org/Advisories/SQUID-2010_1.txt http://www.squid-cache.org/Versions/v2/HEAD/changesets/12597.patch http://www.squid-cache.org/Versions/v3/3.0/changesets/squid-3.0-9163.patch http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-9853.patch oval:org.mitre.oval:def:11270 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11270 squid-dns-dos(56001) https://exchange.xforce.ibmcloud.com/vulnerabilities/56001
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.