|
Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2002:016-1: squid Vulnerability Scan
Vulnerability Scan Summary Check for the version of the squid package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2002:016-1 (squid).
Three security issues were found in the 2.x versions of the Squid proxy server
up to and including 2.4.STABLE3. The first is a memory leak in the optional SNMP
interface to Squid which could allow a malicious user who can send packets to
the Squid SNMP port to possibly perform a Denial of Service attack on ther
server if the SNMP interface is enabled. The next is a buffer overflow in the
implementation of ftp:// URLs where allowed users could possibly perform a DoS
on the server, and may be able to trigger remote execution of code (which the
authors have not yet confirmed). The final issue is with the HTCP interface
which cannot be properly disabled from squid.conf
HTCP is enabled by default on
Mandrake Linux systems.
Update:
The squid updates for all versions other than Mandrake Linux were incorrectly
built with LDAP authentication which introduced a dependency on OpenLDAP. These
new packages do not use LDAP authentication. The Single Network Firewall 7.2
package previously released did not use LDAP authentication, however rebuilding
the source RPM package required LDAP to be installed. Single Network Firewall
7.2 users do not need to upgrade to these packages to have a properly function
squid.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2002:016-1
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|