English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 148472 CVE descriptions
and 72306 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2008-15
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 16 Apr 2008
 Last revised: 16 Apr 2008

 Package: squid

 Summary: Squid denial of service attack

 More information:
    Squid is a high-performance proxy caching server for web clients,
    supporting FTP, gopher and HTTP data objects.  Unlike traditional
    caching software, Squid handles all requests in a single, non-blocking,
    I/O-driven process.

    The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows
    attackers to cause a denial of service (process exit) via unknown
    vectors that cause an array to shrink to 0 entries,
    which triggers an assert error. (CVE-2008-1612)

 Affected Products:
    - Turbolinux 11 Server x64 Edition
    - Turbolinux 11 Server
    - Turbolinux Appliance Server 2.0
    - Turbolinux 10 Server x64 Edition
    - Turbolinux Appliance Server 1.0 Hosting Edition
    - Turbolinux Appliance Server 1.0 Workgroup Edition
    - Turbolinux 10 Server


 <Turbolinux 11 Server x64 Edition>
 
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/11/updates/SRPMS/squid-2.6.STABLE16-6.src.rpm
      1322812 b84f6f2cbd144fe8b7dcc378c72cb4e1

   Binary Packages
   Size: MD5

   squid-2.6.STABLE16-6.x86_64.rpm
       997762 b22b2c37252ada4662a4dbee63b9cd91

 <Turbolinux 11 Server>
 
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/11/updates/SRPMS/squid-2.6.STABLE16-6.src.rpm
      1322812 b84f6f2cbd144fe8b7dcc378c72cb4e1

   Binary Packages
   Size: MD5

   squid-2.6.STABLE16-6.i686.rpm
       947482 d61a0cc969fff843c2392e9a2f7099e9

 <Turbolinux Appliance Server 2.0>

   Source Packages
   Size: MD5

   squid-2.5.STABLE10-8.src.rpm
      1575038 c85b37ff77342aa3db88d581540a8cb3

   Binary Packages
   Size: MD5

   squid-2.5.STABLE10-8.i586.rpm
       882790 c15786be17850d43b56b253c095cd33d

 <Turbolinux 10 Server x64 Edition>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/squid-2.5.STABLE10-8.src.rpm
      1575038 b837f7f067a5e2010f82b130a81bbd38

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/squid-2.5.STABLE10-8.x86_64.rpm
       956279 29ee1397d030bb5fab30f0b952766072
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/squid-debug-2.5.STABLE10-8.x86_64.rpm
      1545936 1e79df54f1baf6b8d9a58c361ab75828

 <Turbolinux Appliance Server 1.0 Hosting Edition>

   Source Packages
   Size: MD5

   squid-2.5.STABLE10-8.src.rpm
      1575038 93e91e1c90c4647ea5dd809f18637955

   Binary Packages
   Size: MD5

   squid-2.5.STABLE10-8.i586.rpm
       856080 c42221a2d8222500cb7097ce7ac865e8

 <Turbolinux Appliance Server 1.0 Workgroup Edition>

   Source Packages
   Size: MD5

   squid-2.5.STABLE10-8.src.rpm
      1575038 3b61c35c2a2fcf5907608134e48172c0

   Binary Packages
   Size: MD5

   squid-2.5.STABLE10-8.i586.rpm
       856557 425f66b97b86451117bfbc6a920b264f

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/squid-2.5.STABLE10-8.src.rpm
      1575038 c85b37ff77342aa3db88d581540a8cb3

   Binary Packages
   Size: MD5

   squid-2.5.STABLE10-8.i586.rpm
       882790 c15786be17850d43b56b253c095cd33d
   squid-debug-2.5.STABLE10-8.i586.rpm
      1549208 6517238e0c94173a84e2ac156972b871


 References:

 CVE
   [CVE-2008-1612]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1612

 --------------------------------------------------------------------------
 Revision History
    16 Apr 2008 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2008 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)

iEYEARECAAYFAkgF7MAACgkQK0LzjOqIJMz5tgCgrLqqoiiuuUJmD9VhxKeefsT/
DGIAn3oC00Mos0fKyhxaN5DxIysuJ0yf
=syuZ
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.