Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

UnixWare 7.1.4 : squid updated package fixes several security issues

from [please_reply_to_security] Network Security [Permanent Link]
Subject: UnixWare 7.1.4 : squid updated package fixes several security issues
Date: Mon, 7 Mar 2005 14:48:00 -0800 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



______________________________________________________________________________

                        SCO Security Advisory

Subject:                UnixWare 7.1.4 : squid updated package fixes several 
security issues
Advisory number:        SCOSA-2005.16
Issue date:             2005 February 11
Cross reference:        sr890343 fz529457 erg712610 sr892199 fz530514 erg712740 
CAN-2004-0189 CAN-2004-0918
______________________________________________________________________________


1. Problem Description

        The asn_parse_header function (asn1.c) in the SNMP module
        for Squid Web Proxy Cache before 2.4.STABLE7 allows remote
        attackers to cause a denial of service (server restart) via
        certain SNMP packets with negative length fields that causes
        a memory allocation error. 

        The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier 
        allows remote attackers to bypass url_regex ACLs via a URL with 
        a NULL ("%00") character, which causes Squid to use only a 
        portion of the requested URL when comparing it against the 
        access control lists. 

        The Common Vulnerabilities and Exposures project (cve.mitre.org)
        has assigned the name CAN-2004-0189 and CAN-2004-0918 to this issues.


2. Vulnerable Supported Versions

        System                          Binaries
        ----------------------------------------------------------------------
        UnixWare 7.1.4                  distribution


3. Solution

        The proper solution is to install the latest packages.

4. UnixWare 7.1.4

        4.1 Location of Fixed Binaries

        ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.16

        or
        
        The fixes are also available in SCO UnixWare 7.1.4 Mantenance Pack 2

        http://www.sco.com/support/update/download/release.php?rid=58

        4.2 Verification

        MD5 (squid.pkg) = 6c33ff5d3b7bac965e2c816f0ae489eb

        or

        MD5 (uw714mp2.iso) = 335919be68f54253852cb8abca11814a  

        md5 is available for download from
                ftp://ftp.sco.com/pub/security/tools

        4.3 Installing Fixed Binaries

        Upgrade the affected binaries with the following sequence:

        Download squid.pkg to the /var/spool/pkg directory

        # pkgadd -d /var/spool/pkg/squid.pkg

        or 

        See ftp://ftp.sco.com/pub/unixware7/714/mp/mp2/uw714mp2.txt


5. References

        Specific references for this advisory:
                http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0189 
                http://www.squid-cache.org/Advisories/SQUID-2004_1.txt 
                http://www.microsoft.com/security/incident/spoof.asp 
                http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0918

        SCO security resources:
                http://www.sco.com/support/security/index.html

        SCO security advisories via email
                http://www.sco.com/support/forums/security.html

        This security fix closes SCO incidents sr890343 fz529457
        erg712610 sr892199 fz530514 erg712740.


6. Disclaimer

        SCO is not responsible for the misuse of any of the information
        we provide on this website and/or through our security
        advisories. Our advisories are a service to our customers
        intended to promote secure installation and use of SCO
        products.


7. Acknowledgments

        SCO would like to thank Mitch Adair reported %00 bug and
        Duane Wessels, for patching the %00 bug and adding the
        urllogin ACL type.

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (SCO/UNIX_SVR5)

iD8DBQFCI3A+aqoBO7ipriERAppTAJ9Fh/jKFa4KUnk9qICwuNoh+COo6QCfa6vC
W4JiUN/MzU73p3H4rcxh9lE=
=eNIb
-----END PGP SIGNATURE-----
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • UnixWare 7.1.4 : squid updated package fixes several security issues, please_reply_to_security <=
Previous by Date:  UnixWare 7.1.4 : Samba multiple security issues, please_reply_to_security
Next by Date:  iDEFENSE Labs Releases IDA RPC Enumerator, iDEFENSE Labs
Previous by Thread:  UnixWare 7.1.4 : Samba multiple security issues, please_reply_to_security
Next by Thread:  iDEFENSE Labs Releases IDA RPC Enumerator, iDEFENSE Labs
Indexes:  [Date] [Thread] [Top] [All Lists]