DESCRIPTION
Squid[1] is a full-featured web proxy cache.
This announcement fixes a denial of service vulnerability[2] in squid
caused by a malformed NTLMSSP packet. This causes a negative value to
be passed to memcpy on servers with NTLM authentication enabled,
making squid abort and causing a denial of service condition.
Fixes for two segmentation faults were also included: when using a
blank user name in digest authentication[3] and after the message
"Likely proxy abuse detected" has been printed to cache.log[4].
Also fixes a denial of service situation[5] caused by certain
malformed SNMP requests that when received by squid could restart it
with a segmentation fault error.
For Conectiva Linux 9, this announcement also fixes a buffer overflow
vulnerability[6] in the ntlm_check_auth (NTLM authentication)
function that allowed remote attackers to execute arbitrary code via
a long password.
SOLUTION
It is recommended that all squid users upgrade to the latest
packages. This update will automatically restart the service if it is
already running.
ADDITIONAL INSTRUCTIONS
The apt tool can be used to perform RPM packages upgrades:
- run: apt-get update
- after that, execute: apt-get upgrade
Detailed instructions regarding the use of apt and upgrade examples
can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en
- ------------------------------------------------------------------------
-
All packages are signed with Conectiva's GPG key. The key and instructions
on how to import it can be found at
http://distro.conectiva.com.br/seguranca/chave/?idioma=en
Instructions on how to check the signatures of the RPM packages can be
found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en
- ------------------------------------------------------------------------
-
All our advisories and generic update instructions can be viewed at
http://distro.conectiva.com.br/atualizacoes/?idioma=en
- ------------------------------------------------------------------------
-
Copyright (c) 2004 Conectiva Inc.
http://www.conectiva.com
Hash: SHA1
- ------------------------------------------------------------------------
--
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- ------------------------------------------------------------------------
--
PACKAGE : squid
SUMMARY : Fixes for squid vulnerabilities
DATE : 2004-11-03 10:48:00
ID : CLA-2004:882
RELEVANT
RELEASES : 9, 10
- ------------------------------------------------------------------------
-
DESCRIPTION
Squid[1] is a full-featured web proxy cache.
This announcement fixes a denial of service vulnerability[2] in squid
caused by a malformed NTLMSSP packet. This causes a negative value to
be passed to memcpy on servers with NTLM authentication enabled,
making squid abort and causing a denial of service condition.
Fixes for two segmentation faults were also included: when using a
blank user name in digest authentication[3] and after the message
"Likely proxy abuse detected" has been printed to cache.log[4].
Also fixes a denial of service situation[5] caused by certain
malformed SNMP requests that when received by squid could restart it
with a segmentation fault error.
For Conectiva Linux 9, this announcement also fixes a buffer overflow
vulnerability[6] in the ntlm_check_auth (NTLM authentication)
function that allowed remote attackers to execute arbitrary code via
a long password.
SOLUTION
It is recommended that all squid users upgrade to the latest
packages. This update will automatically restart the service if it is
already running.
REFERENCES
1.http://squid.nlanr.net/
2.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0832
3.http://www1.uk.squid-cache.org/squid/Versions/v2/2.5/bugs/#squid-2.5.S
TABLE5-digest_blank
4.http://www1.uk.squid-cache.org/squid/Versions/v2/2.5/bugs/#squid-2.5.S
TABLE5-proxy_abuse
5.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0918
6.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0541
UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/10/SRPMS/squid-2.5.5-63116U10_4cl.sr
c.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/squid-2.5.5-63116U10_4cl.i38
6.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/squid-auth-2.5.5-63116U10_4c
l.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/squid-extra-templates-2.5.5-
63116U10_4cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/SRPMS/squid-2.5.5-25761U90_7cl.src
.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/squid-2.5.5-25761U90_7cl.i386
.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/squid-auth-2.5.5-25761U90_7cl
.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/squid-extra-templates-2.5.5-2
5761U90_7cl.i386.rpm
ADDITIONAL INSTRUCTIONS
The apt tool can be used to perform RPM packages upgrades:
- run: apt-get update
- after that, execute: apt-get upgrade
Detailed instructions regarding the use of apt and upgrade examples
can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en
- ------------------------------------------------------------------------
-
All packages are signed with Conectiva's GPG key. The key and instructions
on how to import it can be found at
http://distro.conectiva.com.br/seguranca/chave/?idioma=en
Instructions on how to check the signatures of the RPM packages can be
found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en
- ------------------------------------------------------------------------
-
All our advisories and generic update instructions can be viewed at
http://distro.conectiva.com.br/atualizacoes/?idioma=en
- ------------------------------------------------------------------------
-
Copyright (c) 2004 Conectiva Inc.
http://www.conectiva.com
- ------------------------------------------------------------------------
-
subscribe: conectiva-updates-subscribe (at) papaleguas.conectiva.com (dot) br [email concealed]
unsubscribe: conectiva-updates-unsubscribe (at) papaleguas.conectiva.com (dot) br [email concealed]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQFBiNOm42jd0JmAcZARAuHhAKCQ6gd4JsoVtoGECoI3urtPR4kGhACeKiPB
nU7lhnlGZ+D+uhuNqdA1qyk=
=71kq
-----END PGP SIGNATURE-----
[ reply ]