Test ID:	1.3.6.1.4.1.25623.1.0.64605
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDVSA-2009:161-1 (squid)
Summary:	The remote host is missing an update to squid;announced via advisory MDVSA-2009:161-1.
Description:	Summary: The remote host is missing an update to squid announced via advisory MDVSA-2009:161-1. Vulnerability Insight: Multiple vulnerabilities has been found and corrected in squid: Due to incorrect buffer limits and related bound checks Squid is vulnerable to a denial of service attack when processing specially crafted requests or responses (CVE-2009-2621). Due to incorrect data validation Squid is vulnerable to a denial of service attack when processing specially crafted responses (CVE-2009-2622). This update provides fixes for these vulnerabilities. Update: Additional upstream security patches were applied: Debug warnings fills up the logs. Upstream Bug 2728: regression: assertion failed: http.cc:705: !eof Affected: 2008.1, 2009.0, 2009.1, Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2621 BugTraq ID: 35812 http://www.securityfocus.com/bid/35812 http://www.mandriva.com/security/advisories?name=MDVSA-2009:161 http://www.mandriva.com/security/advisories?name=MDVSA-2009:178 http://www.securitytracker.com/id?1022607 http://secunia.com/advisories/36007 http://www.vupen.com/english/advisories/2009/2013 Common Vulnerability Exposure (CVE) ID: CVE-2009-2622
Copyright	Copyright (C) 2009 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.