Test ID:	1.3.6.1.4.1.25623.1.0.52116
Category:	Conectiva Local Security Checks
Title:	Conectiva Security Advisory CLA-2005:948
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory CLA-2005:948. Squid[1] is a full-featured web proxy cache. This announcement upgrades Squid from 2.5STABLE5 to 2.5STABLE9 in order to fix bug #13718[2] and also fixes the two following vulnerabilities: 1.Unexpected access control results on configuration errors[3] On configuration errors involving wrongly defined or missing acls the http_access results may be different than expected, possibly allowing more access than intended. This patch makes such configuration errors a fatal error, preventing the service from starting until the access control configuration errors have been corrected. 2.Race condition related to Set-Cookie header[4] A race window has been discovered where Set-Cookie headers may leak to another users if the requested server relies on the old (obsolete since 1997) Netscape Set-Cookie specifications in how caches should handle the Set-Cookie header on otherwise cacheable content. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://www.squid-cache.org/ http://bugzilla.conectiva.com.br/show_bug.cgi?id=13718 http://www1.uk.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-acl_error http://www1.uk.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-setcookie http://www.securityspace.com/smysecure/catid.html?in=CLA-2005:948 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000948 Risk factor : High
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.