|
Family: Debian Local Security Checks --> Category: infos
[DSA019] DSA-019-1 squid Vulnerability Scan
Vulnerability Scan Summary DSA-019-1 squid
Detailed Explanation for this Vulnerability Test
WireX discovered a potential temporary file race condition
in the way that squid sends out email messages notifying the administrator
about updating the program. This could lead to arbitrary files to get
overwritten. However the code would only be executed if running a very bleeding
edge release of squid, running a server whose time is set some number of months
in the past and squid is crashing. Read it as hardly to exploit. This version
also contains more upstream bugfixes wrt. dots in hostnames and improper HTML
quoting.
Solution : http://www.debian.org/security/2001/dsa-019
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|