Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Mandrake Local Security Checks
Title:Mandrake Security Advisory MDVSA-2008:134 (squid)

The remote host is missing an update to squid
announced via advisory MDVSA-2008:134.

An incorrect fix for CVE-2007-6239 resulted in Squid not performing
proper bounds checking when processing cache update replies. Because
of this, a remote authenticated user might have been able to trigger
an assertion error and cause a denial of service (CVE-2008-1612).

The updated packages have been patched to correct this issue.

Affected: 2007.1, 2008.0, Corporate 3.0, Corporate 4.0,
Multi Network Firewall 2.0

To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

Risk factor : Medium

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-6239
BugTraq ID: 26687
CERT/CC vulnerability note: VU#232881
Debian Security Information: DSA-1482 (Google Search)
SuSE Security Announcement: SUSE-SR:2008:001 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2008-1612
BugTraq ID: 28693
Debian Security Information: DSA-1646 (Google Search)
SuSE Security Announcement: SUSE-SR:2008:011 (Google Search)
XForce ISS Database: squid-arrayshrink-dos(41586)
CopyrightCopyright (c) 2008 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.