Squid Proxy Cache Security Update Advisory
By: Eric Lim
Tuesday the 26th, March 2002 at 11:06 PM (EST)
Squid Proxy Cache Security Update Advisory SQUID-2002:2

__________________________________________________________________

Advisory ID:            SQUID-2002:2
Date:                   March 26, 2002
Affected versions:      Squid-2.x up to and including 2.4.STABLE4
Reported by:            zen-parse
__________________________________________________________________

       http://www.squid-cache.org/Advisories/SQUID-2002_2.txt
__________________________________________________________________

Problem Description:
A security issue has recently been found and fixed in the Squid-2.X
releases up to and including 2.4.STABLE4.

Error and boundary conditions were not checked when handling
compressed DNS answer messages in the internal DNS code (lib/rfc1035.c).
A malicious DNS server could craft a DNS reply that causes Squid
to exit with a SIGSEGV.

The relevant code exists in Squid-2.3, Squid-2.4, Squid-2.5 and
Squid-2.6/Squid-HEAD, and is enabled by default.
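
The kind of error and boundary checking a parser for compressed DNS names needs, shown as an added example in C. It is not Squid's lib/rfc1035.c and not the fix shipped by the Squid project. The function name `name_unpack`, the `MAX_JUMPS` cap and the sample byte arrays are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_NAME  255  /* RFC 1035 limit on an encoded name */
#define MAX_JUMPS 16   /* assumed cap on compression pointers followed */

/* Hypothetical helper (not Squid's code): expand the name at msg[off] into
 * dotted text. Returns bytes consumed at off, or -1 if the name is malformed. */
int name_unpack(const unsigned char *msg, size_t len, size_t off,
                char *out, size_t outsz)
{
    size_t start = off, o = 0, total = 0, target;
    int used = -1, jumps = 0;
    unsigned c;

    if (outsz == 0) return -1;
    for (;;) {
        if (off >= len) return -1;              /* length byte inside message */
        c = msg[off];
        if ((c & 0xC0) == 0xC0) {               /* compression pointer */
            if (off + 1 >= len) return -1;      /* second pointer byte exists */
            if (used < 0) used = (int)(off + 2 - start);
            target = ((size_t)(c & 0x3F) << 8) | msg[off + 1];
            if (target >= off || ++jumps > MAX_JUMPS) return -1;
            off = target;                       /* backward only, bounded count */
            continue;
        }
        if (c & 0xC0) return -1;                /* reserved label types */
        if (c == 0) break;                      /* root label ends the name */
        if (off + 1 + c > len) return -1;       /* label bytes inside message */
        total += c + 1;
        if (total + 1 > MAX_NAME) return -1;    /* encoded-length limit */
        if (o + (o != 0) + c + 1 > outsz) return -1; /* '.', label and NUL fit */
        if (o) out[o++] = '.';
        memcpy(out + o, msg + off + 1, c);
        o += c; off += 1 + c;
    }
    out[o] = '\0';
    return used < 0 ? (int)(off + 1 - start) : used;
}

/* Constructed samples: one valid compressed name, three malformed ones. */
static const unsigned char ok[]   = {3,'w','w','w',0, 1,'a',0xC0,0x00};
static const unsigned char loop[] = {1,'a',0xC0,0x00};   /* pointer cycle */
static const unsigned char oob[]  = {1,'a',0xC0,0x40};   /* pointer past end */
static const unsigned char cut[]  = {9,'a','b'};         /* truncated label */
static char namebuf[256];

int main(void) {
    int r = name_unpack(ok, sizeof ok, 5, namebuf, sizeof namebuf);
    printf("%d %s\n", r, namebuf);
    return 0;
}
```

Every failure path returns -1 before any read or write outside the buffers, so a caller can drop the reply instead of crashing.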

__________________________________________________________________

Updated Packages:

The Squid-2.4.STABLE6 release contains fixes for all these
problems. You can download the Squid-2.4.STABLE6 release from

   ftp://ftp.squid-cache.org/pub/squid-2/STABLE/
   http://www.squid-cache.org/Versions/v2/2.4/

or the mirrors (may take a while before all mirrors are updated).
For a list of mirror sites see

   http://www.squid-cache.org/Mirrors/ftp-mirrors.html
   http://www.squid-cache.org/Mirrors/http-mirrors.html

Individual patches for the mentioned issues can be found in our
patch archive for version Squid-2.4.STABLE4

   http://www.squid-cache.org/Versions/v2/2.4/bugs/

The patches should also apply with only minimal effort to
earlier Squid 2.4 versions if required.

The Squid-2.5 and Squid-2.6/Squid-HEAD nightly snapshots contain
the fixed DNS code.

__________________________________________________________________

Determining if you are vulnerable:

You are vulnerable if you are running these versions of Squid
with internal DNS queries:

* Squid-2.4 version up to and including Squid-2.4.STABLE4
* Squid-2.5 up to the fix date (Tuesday, March 12 2002 UTC)
* Squid-2.6 / Squid-HEAD up to the fix date
   (Tuesday, March 12 2002 UTC)
* Squid-2.3

Squid uses the internal DNS implementation by default, and
prints a line like this in cache.log when it is in use:

   DNS Socket created at 0.0.0.0, port 4345, FD 5

  