Users login

Create an account »

JOIN XATRIX

Users login

Home » Security Advisories» Mandrake » Squid multiple vulnerabilities

Squid multiple vulnerabilities

Multiple vulnerabilities have been found in Squid 2.5: ACL bypass, race condition for handling cookies and denial of service.

  • Vendor: Mandrake
  • Vendor ID: MDKSA-2005:078
  • Date: April 28, 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Update Advisory
_______________________________________________________________________

Package name: squid
Advisory ID: MDKSA-2005:078
Date: April 28th, 2005

Affected versions: 10.0, 10.1, 10.2, Corporate 3.0,
Corporate Server 2.1
______________________________________________________________________

Problem Description:

Squid 2.5, when processing the configuration file, parses empty Access
Control Lists (ACLs), including proxy_auth ACLs without defined auth
schemes, in a way that effectively removes arguments, which could allow
remote attackers to bypass intended ACLs if the administrator ignores
the parser warnings. (CAN-2005-0194)

Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape
Set-Cookie recommendations for handling cookies in caches, may cause
Set-Cookie headers to be sent to other users, which allows attackers to
steal the related cookies. (CAN-2005-0626)

Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial
of service (segmentation fault) by aborting the connection during a (1)
PUT or (2) POST request, which causes Squid to access previosuly freed
memory. (CAN-2005-0718)

In addition, due to subtle bugs in the previous backported updates of
squid (Bugzilla #14209), all the squid-2.5 versions have been updated to
squid-2.5.STABLE9 with all the STABLE9 patches from the squid developers.

The updated packages are patched to fix these problems.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0194
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0626
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0718
______________________________________________________________________

Updated Packages:

Mandrakelinux 10.0:
19b0bdb45e358fbccc080e09cf274bca 10.0/RPMS/squid-2.5.STABLE9-1.1.100mdk.i586.rpm
5738f9bf3c36cd6092cca77960580467 10.0/SRPMS/squid-2.5.STABLE9-1.1.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
fc15ab0245c05d3ee9222caf700da7c7 amd64/10.0/RPMS/squid-2.5.STABLE9-1.1.100mdk.amd64.rpm
5738f9bf3c36cd6092cca77960580467 amd64/10.0/SRPMS/squid-2.5.STABLE9-1.1.100mdk.src.rpm

Mandrakelinux 10.1:
258f532d766624e4f21936fa31150379 10.1/RPMS/squid-2.5.STABLE6-2.4.101mdk.i586.rpm
f4a8b90704f752906ee1de301800eb17 10.1/RPMS/squid-2.5.STABLE9-1.1.101mdk.i586.rpm
b6c79d25d11a58e589af08d0a20807a7 10.1/SRPMS/squid-2.5.STABLE9-1.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
df1d16c47e1fbe579633f26064a7c72e x86_64/10.1/RPMS/squid-2.5.STABLE9-1.1.101mdk.x86_64.rpm
b6c79d25d11a58e589af08d0a20807a7 x86_64/10.1/SRPMS/squid-2.5.STABLE9-1.1.101mdk.src.rpm

Mandrakelinux 10.2:
81780136aa37f1ad1df50101b51914fa 10.2/RPMS/squid-2.5.STABLE9-1.1.102mdk.i586.rpm
e81e7e584f36cc989cfc7c08a18b453c 10.2/SRPMS/squid-2.5.STABLE9-1.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
a8e6b2ebeafcae07a708256455508280 x86_64/10.2/RPMS/squid-2.5.STABLE9-1.1.102mdk.x86_64.rpm
e81e7e584f36cc989cfc7c08a18b453c x86_64/10.2/SRPMS/squid-2.5.STABLE9-1.1.102mdk.src.rpm

Corporate Server 2.1:
8044aed82f158b377ef1f987f14c02da corporate/2.1/RPMS/squid-2.4.STABLE7-2.6.C21mdk.i586.rpm
715494248752557eb0b718f2a4dd34c9 corporate/2.1/SRPMS/squid-2.4.STABLE7-2.6.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
faf3786d2a62f4b4776a79a3d9fe091a
x86_64/corporate/2.1/RPMS/squid-2.4.STABLE7-2.6.C21mdk.x86_64.rpm
715494248752557eb0b718f2a4dd34c9
x86_64/corporate/2.1/SRPMS/squid-2.4.STABLE7-2.6.C21mdk.src.rpm

Corporate 3.0:
6afc0bba2ef06f8a50bf3f24b4da9550 corporate/3.0/RPMS/squid-2.5.STABLE9-1.1.C30mdk.i586.rpm
3ae337e1ba1ee16c09bdf0c699b3a754 corporate/3.0/SRPMS/squid-2.5.STABLE9-1.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
8028593f7c4176ce4d5767a653faba3f
x86_64/corporate/3.0/RPMS/squid-2.5.STABLE9-1.1.C30mdk.x86_64.rpm
3ae337e1ba1ee16c09bdf0c699b3a754
x86_64/corporate/3.0/SRPMS/squid-2.5.STABLE9-1.1.C30mdk.src.rpm
_______________________________________________________________________

Bug IDs fixed (see http://qa.mandriva.com for more information):

14209
_______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCchAHmqjQ0CJFipgRAtFiAJ4ksLnVAgjyCjGmzs76nyEnZltx+ACcCuoT
EPANs4aboX9BUnbFyBMutmM=
=f9cD
-----END PGP SIGNATURE-----

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »