Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2005:078: squid Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the squid package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2005:078 (squid).
Squid 2.5, when processing the configuration file, parses empty Access Control
Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way
that effectively removes arguments, which could allow remote attackers to
bypass intended ACLs if the administrator ignores the parser warnings.
Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape
Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie
headers to be sent to other users, which allows attackers to steal the related
Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of
service (segmentation fault) by aborting the connection during a (1) PUT or (2)
POST request, which causes Squid to access previosuly freed memory.
In addition, due to subtle bugs in the previous backported updates of squid
(Bugzilla #14209), all the squid-2.5 versions have been updated to
squid-2.5.STABLE9 with all the STABLE9 patches from the squid developers.
The updated packages are patched to fix these problems.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:078
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.