Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2002:027: squid Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the squid package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2002:027 (squid).
A security issue has recently been found and fixed in the Squid-2.X releases up
to and including 2.4.STABLE4.
Error and boundary conditions were not checked when handling compressed DNS
answer messages in the internal DNS code (lib/rfc1035.c). A malicous DNS server
could craft a DNS reply that causes Squid to exit with a SIGSEGV.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2002:027
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.