Family: Debian Local Security Checks --> Category: infos
[DSA474] DSA-474-1 squid Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
A vulnerability was discovered in squid, an Internet object cache,
whereby access control lists based on URLs could be bypassed
(CVE-2004-0189). Two other bugs were also fixed with patches
squid-2.4.STABLE7-url_escape.patch (a buffer overrun which does not
appear to be exploitable) and squid-2.4.STABLE7-url_port.patch (a
potential denial of service).
For the stable distribution (woody) these problems have been fixed in
For the unstable distribution (sid) these problems have been fixed in
We recommend that you update your squid package.
Solution : http://www.debian.org/security/2004/dsa-474
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.