 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.50417 |
| Category: | Fedora Local Security Checks |
| Title: | Fedora Core 2 FEDORA-2004-338 (squid) |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing an update to squid announced via advisory FEDORA-2004-338. Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. * Tue Oct 12 2004 Jay Fenlason 7:2.5.STABLE3-4.fc2.2 - Backport fix for CVE-2004-0918 (Remote Denial of Service attack) This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ b186266417cde4ae107590c2a57529e3 SRPMS/squid-2.5.STABLE5-4.fc2.2.src.rpm 4ec79efd0c0adc7374814f60fefea25b x86_64/squid-2.5.STABLE5-4.fc2.2.x86_64.rpm 40c4b0a65a0a9696bb24b5c3a9fbad3d x86_64/debug/squid-debuginfo-2.5.STABLE5-4.fc2.2.x86_64.rpm be53dc7d7978aa246739670e1f994402 i386/squid-2.5.STABLE5-4.fc2.2.i386.rpm 7f9c55b03369c0985fab4c56bab719f0 i386/debug/squid-debuginfo-2.5.STABLE5-4.fc2.2.i386.rpm This update can also be installed with the Update Agent you can launch the Update Agent with the 'up2date' command. Solution: Apply the appropriate updates. http://www.fedoranews.org/updates/FEDORA-2004-338.shtml Risk factor : Medium CVSS Score: 5.0 |
| Cross-Ref: |
BugTraq ID: 11385 Common Vulnerability Exposure (CVE) ID: CVE-2004-0918 http://www.securityfocus.com/bid/11385 Conectiva Linux advisory: CLA-2005:923 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000923 https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00122.html http://fedoranews.org/updates/FEDORA--.shtml http://www.gentoo.org/security/en/glsa/glsa-200410-15.xml http://www.idefense.com/application/poi/display?id=152&type=vulnerabilities&flashstatus=false http://marc.info/?l=bugtraq&m=109913064629327&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10931 http://www.redhat.com/support/errata/RHSA-2004-591.html SCO Security Bulletin: SCOSA-2005.16 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.16/SCOSA-2005.16.txt http://secunia.com/advisories/30914 http://secunia.com/advisories/30967 SuSE Security Announcement: SUSE-SR:2008:014 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html http://www.vupen.com/english/advisories/2008/1969/references XForce ISS Database: squid-snmp-asnparseheader-dos(17688) https://exchange.xforce.ibmcloud.com/vulnerabilities/17688 |
| Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |