Description:
The remote host is missing an update to squid announced via advisory TLSA-2005-24.
Squid is a high-performance proxy caching server for web clients, supporting FTP, gopher and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process.
Multiple vulnerabilities have been discovered in Squid:
- A buffer overflow vulnerability exists in the gopherToHTML function in the Gopher reply parser.
- An integer overflow vulnerability exists in the WCCP message parsing code.
- Squid's squid_ldap_auth function allows remotely authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.
- Squid may be susceptible to cache pollution via an HTTP response splitting attack.
- The meaning of the access controls becomes somewhat confusing if any of the referenced ACLs is declared empty, without any members.
- The length argument of the WCCP recvfrom() call is larger than it should be. An attacker could send a larger-than-normal WCCP packet and overflow the buffer.
These vulnerabilities could allow remote attackers to cause a denial of service, possibly execute arbitrary code, and/or allow remote users to bypass access control rules.
Solution: Please use the turbopkg (zabom) tool to apply the update. https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2005-24
Risk factor: Critical
CVSS Score: 10.0