| VID | 22252 |
| Severity | 40 |
| Port | 8080, 3128 |
| Protocol | TCP |
| Class | Webproxy |
| Detailed Description |
The Squid caching proxy, according to the version number it reports, has multiple buffer overflow vulnerabilities; this check covers the following one. Squid is a freely available caching web proxy for Unix-like systems. Squid Web Proxy Cache 2.x up to and including 2.4.STABLE3 could allow a remote attacker to cause a denial of service and possibly execute arbitrary code. By sending the proxy a request for an ftp:// URL whose user:password@ component carries a specially crafted username and password, a remote attacker could overflow a buffer in Squid's FTP URL handling and crash the proxy service. Because the overflowed data is attacker-controlled, it may also be possible to use this vulnerability to gain a shell on the affected Squid server with the privileges of the Squid process. Any client that can reach the proxy port can send such a request.
* Note: This check relies solely on the version number reported by the remote Squid proxy, so the result may be a false positive. Vendor packages that backport the fix often keep the older upstream version string (for example, the fixed Caldera OpenLinux package listed below is 2.4.STABLE2-3, whose banner this check would still flag), so confirm against the installed package version and the vendor advisory rather than the banner alone.
* References: http://www.kb.cert.org/vuls/id/613459
* Platforms Affected: National Science Foundation Squid Web Proxy Cache 2.x to 2.4.STABLE3; FreeBSD Ports Collection prior to 2002-02-19; Unix, any version; Linux, any version |
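As an added example (not part of this scanner entry and not code from the Squid project), the following Python reproduces the kind of version-string check the note above describes and makes its limits explicit: it pulls the squid/<version> banner out of a reply's Via: or Server: header, ranks Squid 2.x version strings, and flags anything below 2.4.STABLE4. The header samples are constructed, and the release-stage ranking and the fetch_headers() probe are my assumptions about how such a check would be written.

```python
"""Banner-based check for the Squid ftp:// URL overflow (SQUID-2002:1).

Added example, not the scanner's own code.  Squid reports its version as
"squid/<version>" in the Via: header it adds to proxied replies and in the
Server: header of the error pages it generates itself.  Squid 2.x version
strings look like 2.4.STABLE3, 2.4.PRE2 or 2.4.DEVEL4; the stage ranking
below is an assumption that only serves to sort pre-releases before the
STABLE series.
"""
import http.client
import re
from typing import Dict, Optional, Tuple

# Assumed ranking of Squid 2.x release stages; lower sorts earlier.
STAGE_RANK = {"DEVEL": 0, "PRE": 1, "RELEASE": 2, "STABLE": 3}

# First release that carries the fix according to SQUID-2002:1.
FIXED = (2, 4, STAGE_RANK["STABLE"], 4)  # 2.4.STABLE4

_VERSION_RE = re.compile(r"squid/(\d+)\.(\d+)(?:\.([A-Za-z]*)(\d*))?", re.IGNORECASE)

Version = Tuple[int, int, int, int]


def parse_squid_version(text: str) -> Optional[Version]:
    """Extract "squid/<version>" from a header value and return a sortable
    (major, minor, stage_rank, number) tuple, or None if no banner is present."""
    m = _VERSION_RE.search(text)
    if m is None:
        return None
    major, minor, stage, num = m.groups()
    stage = (stage or "").upper()
    if stage:
        rank = STAGE_RANK.get(stage, 0)  # unknown stage word: treat as early
    else:
        # Squid 3.x and later ("3.1.10", "4.13") carry no stage word; the
        # third component, if present, is a numeric patch level.
        rank = STAGE_RANK["STABLE"]
    return (int(major), int(minor), rank, int(num) if num else 0)


def is_affected(version: Optional[Version]) -> bool:
    """The scanner's rule: any Squid 2.x release earlier than 2.4.STABLE4."""
    return version is not None and version[0] == 2 and version < FIXED


def check_headers(headers: Dict[str, str]) -> Dict[str, object]:
    """Apply the rule to one reply's headers.  Only Via: and Server: are
    consulted, since those are where Squid writes its banner.  A match is
    evidence of the version string only: a vendor package that backports
    the fix keeps the old string and is reported as affected here too."""
    banner = " ".join(v for k, v in headers.items() if k.lower() in ("via", "server"))
    version = parse_squid_version(banner)
    return {"version": version, "affected": is_affected(version)}


def fetch_headers(proxy_host: str, proxy_port: int, timeout: float = 5.0) -> Dict[str, str]:
    """Live variant (not used by the offline demo): send one proxy-style GET
    for an absolute URL through the proxy and return the reply headers, which
    can then be passed to check_headers()."""
    conn = http.client.HTTPConnection(proxy_host, proxy_port, timeout=timeout)
    try:
        conn.request("GET", "http://example.invalid/", headers={"Host": "example.invalid"})
        return {k: v for k, v in conn.getresponse().getheaders()}
    finally:
        conn.close()


# Constructed sample replies; none was captured from a real host.
SAMPLES = {
    "vulnerable": {"Via": "1.0 proxy.example.invalid:3128 (squid/2.4.STABLE3)"},
    "pre-release": {"Server": "squid/2.4.DEVEL4", "Content-Type": "text/html"},
    "fixed": {"Via": "1.0 proxy.example.invalid:3128 (squid/2.4.STABLE4)"},
    "newer-branch": {"Via": "1.1 proxy.example.invalid (squid/4.13)"},
    "no-banner": {"Via": "1.1 proxy.example.invalid"},
}

if __name__ == "__main__":
    for label, hdrs in SAMPLES.items():
        result = check_headers(hdrs)
        print(f"{label:13s} version={result['version']} affected={result['affected']}")
```

The rule deliberately ignores the Debian- or RPM-style release suffix because the banner never carries it; that is exactly why a positive result from this check needs to be confirmed with the package manager on the host before it is reported.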
| Recommendation |
Upgrade to the latest version of Squid (2.4.STABLE4 or later), as listed in the Squid HTTP Proxy Security Update Advisory 2002:1 at http://www.squid-cache.org/Advisories/SQUID-2002_1.txt
For Mandrake Linux 7.1, 7.2, 8.0, Corporate Server 1.0.1, and Single Network Firewall 7.2: Upgrade to the latest version of Squid (2.4.STABLE4-1.5mdk or later), as listed in MandrakeSoft Security Advisory MDKSA-2002:016-1 at http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2002:016-1
For Red Hat Linux: Upgrade to the latest version of Squid, as listed in Red Hat Linux Errata Advisory RHSA-2002:029-09 at http://rhn.redhat.com/errata/RHSA-2002-029.html
For Caldera OpenServer 5.0.6a and earlier: Upgrade to the latest version of Squid (squid-2.4.STABLE4-VOLS or later), as listed in Caldera International, Inc. Security Advisory CSSA-2002-SCO.7 at ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.7/CSSA-2002-SCO.7.txt
For Caldera OpenLinux Server and Workstation 3.1.1: Upgrade to the latest version of Squid (2.4.STABLE2-3 or later), as listed in Caldera International, Inc. Security Advisory CSSA-2002-010.0 at ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2002-010.0.txt
For SuSE Linux: Upgrade to the latest Squid packages, as listed in SuSE Security Announcement SuSE-SA:2002:008 at http://www.suse.com/de/security/2002_008_squid_txt.html
For other distributions: Contact your vendor for upgrade or patch information, or see the CERT Vulnerability Note VU#613459 listed in the "References" section of this document. |
| Related URL | CVE-2002-0068 (CVE) |
| Related URL | BID 4148 (SecurityFocus) |
| Related URL | X-Force 8258 (ISS) |