SecurityTracker.com
Category:   Application (Generic)  >   Squid
Vendors:   Squid-cache.org
(Fedora Issues Fix for FC2) Squid SNMP Parsing Error Lets Remote Users Restart the Proxy Server
SecurityTracker Alert ID:  1011679
SecurityTracker URL:  http://securitytracker.com/id/1011679
CVE Reference:   CVE-2004-0918
Date:  Oct 14 2004
Impact:   Denial of service via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to 2.5.STABLE3-4.fc2.2
Description:   iDEFENSE reported a vulnerability in the SNMP service of Squid. A remote user can cause denial of service conditions.

It is reported that a remote user can supply a specially crafted SNMP packet to trigger an ASN.1 parsing error and cause Squid to restart, dropping all current connections.

The flaw resides in the asn_parse_header() function in 'snmplib/asn1.c'.

The system is affected if compiled with SNMP support.

The vendor was notified on September 15, 2004.

The original advisory is available at:

http://www.idefense.com/application/poi/display?id=152&type=vulnerabilities

Impact:   A remote user can cause the proxy services to restart.
Solution:   Fedora has released a fix, available at:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

b186266417cde4ae107590c2a57529e3 SRPMS/squid-2.5.STABLE5-4.fc2.2.src.rpm
4ec79efd0c0adc7374814f60fefea25b x86_64/squid-2.5.STABLE5-4.fc2.2.x86_64.rpm
40c4b0a65a0a9696bb24b5c3a9fbad3d x86_64/debug/squid-debuginfo-2.5.STABLE5-4.fc2.2.x86_64.rpm
be53dc7d7978aa246739670e1f994402 i386/squid-2.5.STABLE5-4.fc2.2.i386.rpm
7f9c55b03369c0985fab4c56bab719f0 i386/debug/squid-debuginfo-2.5.STABLE5-4.fc2.2.i386.rpm

Vendor URL:  www.squid-cache.org/
Cause:   Exception handling error, Input validation error
Underlying OS:  Linux (Red Hat Fedora)
Underlying OS Comments:  FC2

Message History:   This archive entry is a follow-up to the message listed below.
Oct 11 2004 Squid SNMP Parsing Error Lets Remote Users Restart the Proxy Server



 Source Message Contents

Subject:  [SECURITY] Fedora Core 2 Update: squid-2.5.STABLE5-4.fc2.2



---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-338
2004-10-13
---------------------------------------------------------------------

Product     : Fedora Core 2
Name        : squid
Version     : 2.5.STABLE5                      
Release     : 4.fc2.2                  
Summary     : The Squid proxy caching server.
Description :
Squid is a high-performance proxy caching server for Web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and especially
hot objects cached in RAM, caches DNS lookups, supports non-blocking
DNS lookups, and implements negative caching of failed requests.

Squid consists of a main server program squid, a Domain Name System
lookup program (dnsserver), a program for retrieving FTP data
(ftpget), and some management and client tools.

---------------------------------------------------------------------

* Tue Oct 12 2004 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE3-4.fc2.2

- Backport fix for CAN-2004-0918 (Remote Denial of Service attack)


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

b186266417cde4ae107590c2a57529e3  SRPMS/squid-2.5.STABLE5-4.fc2.2.src.rpm
4ec79efd0c0adc7374814f60fefea25b  x86_64/squid-2.5.STABLE5-4.fc2.2.x86_64.rpm
40c4b0a65a0a9696bb24b5c3a9fbad3d  x86_64/debug/squid-debuginfo-2.5.STABLE5-4.fc2.2.x86_64.rpm
be53dc7d7978aa246739670e1f994402  i386/squid-2.5.STABLE5-4.fc2.2.i386.rpm
7f9c55b03369c0985fab4c56bab719f0  i386/debug/squid-debuginfo-2.5.STABLE5-4.fc2.2.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------

--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list

Copyright 2019, SecurityGlobal.net LLC