|
Family: Debian Local Security Checks --> Category: infos
[DSA809] DSA-809-2 squid Vulnerability Scan
Vulnerability Scan Summary DSA-809-2 squid
Detailed Explanation for this Vulnerability Test
Certain aborted requests that trigger an assertion in squid, the
popular WWW proxy cache, may allow remote attackers to cause a denial
of service. This update also fixes a regression caused by
DSA 751.
For completeness below is the original advisory text:
Several vulnerabilities have been discovered in Squid, the popular WWW
proxy cache. The Common Vulnerabilities and Exposures project
identifies the following problems:
Certain aborted requests that trigger an assert may allow remote
attackers to cause a denial of service.
Specially crafted requests can cause a denial of service.
For the oldstable distribution (woody) this problem has been fixed in
version 2.4.6-2woody10.
For the stable distribution (sarge) these problems have been fixed in
version 2.5.9-10sarge1.
For the unstable distribution (sid) these problems have been fixed in
version 2.5.10-5.
We recommend that you upgrade your squid package.
Solution : http://www.debian.org/security/2005/dsa-809
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|