Search squid archive

[UPDATED] Squid Security Advisory: Multiple Remote Denial of service issues in header processing.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



__________________________________________________________________

      Squid Proxy Cache Security Update Advisory SQUID-2009:2
__________________________________________________________________

Advisory ID:            SQUID-2009:2
Date:                   August 04, 2009
Summary:                Multiple Remote Denial of service issues
                        in header processing.
Affected versions:      Squid 3.0 -> 3.0.STABLE17,
                        Squid 3.1 -> 3.1.0.12
Fixed in version:       Squid 3.0.STABLE18, 3.1.0.13
__________________________________________________________________

     http://www.squid-cache.org/Advisories/SQUID-2009_2.txt
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-2621
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-2622
__________________________________________________________________

Problem Description:

 Due to incorrect buffer limits and related bound checks Squid
 is vulnerable to a denial of service attack when processing
 specially crafted requests or responses.

 Due to incorrect data validation Squid is vulnerable to a denial
 of service attack when processing specially crafted responses.

__________________________________________________________________

Severity:

 These problems allow any trusted client or external server to
 perform a denial of service attack on the Squid service.

__________________________________________________________________

Updated Packages:

 Theses bugs are fixed by Squid versions 3.0.STABLE18 and 3.1.0.13

 In addition, patches addressing these problems can be found In
 our patch archives. These need to be applied in sequence:

Squid 3.0:
 http://www.squid-cache.org/Versions/v3/3.0/changesets/b9070.patch
 http://www.squid-cache.org/Versions/v3/3.0/changesets/b9074.patch
 http://www.squid-cache.org/Versions/v3/3.0/changesets/b9075.patch
 http://www.squid-cache.org/Versions/v3/3.0/changesets/b9081.patch
 http://www.squid-cache.org/Versions/v3/3.0/changesets/b9082.patch

Squid 3.1:
 http://www.squid-cache.org/Versions/v3/3.1/changesets/b9654.patch
 http://www.squid-cache.org/Versions/v3/3.1/changesets/b9661.patch
 http://www.squid-cache.org/Versions/v3/3.1/changesets/b9668.patch
 http://www.squid-cache.org/Versions/v3/3.1/changesets/b9669.patch


 If you are using a prepackaged version of Squid then please refer
 to the package vendor for availability information on updated
 packages.

__________________________________________________________________

Determining if your version is vulnerable:

 All unpatched Squid-3.0 versions up to and including 3.0.STABLE17
 are vulnerable.

 All unpatched Squid-3.1 versions up to and including 3.1.0.12 are
 vulnerable.

 Squid-2.x releases are not vulnerable.

__________________________________________________________________

Workarounds:

 None currently known.
__________________________________________________________________

Contact details for the Squid project:

 For installation / upgrade support on binary packaged versions
 of Squid: Your first point of contact should be your binary
 package vendor.

 If your install and build Squid from the original Squid sources
 then the squid-users@xxxxxxxxxxxxxxx mailing list is your primary
 support point. For subscription details see
 <http://www.squid-cache.org/Support/mailing-lists.html>.

 For reporting of non-security bugs in the latest STABLE release
 the squid bugzilla database should be used
 <http://www.squid-cache.org/bugs/>.

 For reporting of security sensitive bugs send an email to the
 squid-bugs@xxxxxxxxxxxxxxx mailing list. It's a closed list
 (though anyone can post) and security related bug reports are
 treated in confidence until the impact has been established.

__________________________________________________________________

Credits:

 The request vulnerabilities were discovered by Alex Montoanelli
 of www.unetvale.net

 Some response vulnerabilities were discovered by Rob Middleton
 of Centenary Institute.

 Some response vulnerabilities were discovered by Tuomo Untinen,
 Ossi Herrala and Jukka Taimisto from the CROSS project at
 Codenomicon Ltd.

__________________________________________________________________

Revision history:

 2009-07-27 14:08 GMT Initial version
 2009-08-02 08:15 GMT Add CVE references
 2009-08-03 10:27 GMT Revision for additional flaws patched
 2009-08-04 23:44 GMT Updated fix releases
__________________________________________________________________
END

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux