Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.52897
Kategorie:Turbolinux Local Security Tests
Titel:Turbolinux TLSA-2004-24 (squid)
Zusammenfassung:NOSUMMARY
Beschreibung:Description:

The remote host is missing an update to squid
announced via advisory TLSA-2004-24.

Squid is a high-performance proxy caching server for web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional caching
software, Squid handles all requests in a single, non-blocking, I/O-driven
process. Squid contains a bug in the %xx URL decoding function.

Squid allows users to bypass certain access controls.

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2004-24

Risk factor : High

CVSS Score:
7.5

Querverweis: BugTraq ID: 9778
Common Vulnerability Exposure (CVE) ID: CVE-2004-0189
http://www.securityfocus.com/bid/9778
Bugtraq: 20040401 [OpenPKG-SA-2004.008] OpenPKG Security Advisory (squid) (Google Search)
http://marc.info/?l=bugtraq&m=108084935904110&w=2
Conectiva Linux advisory: CLA-2004:838
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000838
Debian Security Information: DSA-474 (Google Search)
http://www.debian.org/security/2004/dsa-474
http://security.gentoo.org/glsa/glsa-200403-11.xml
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:025
http://www.osvdb.org/5916
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A877
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A941
http://www.redhat.com/support/errata/RHSA-2004-133.html
http://www.redhat.com/support/errata/RHSA-2004-134.html
SCO Security Bulletin: SCOSA-2005.16
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.16/SCOSA-2005.16.txt
SGI Security Advisory: 20040404-01-U
ftp://patches.sgi.com/support/free/security/advisories/20040404-01-U.asc
XForce ISS Database: squid-urlregex-acl-bypass(15366)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15366
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.