Network Security: Detailed info on [CLA-2005:923] Conectiva Security Announcement

Subject:	[CLA-2005:923] Conectiva Security Announcement - squid
Date:	Wed, 26 Jan 2005 13:44:16 -0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT 
- --------------------------------------------------------------------------

PACKAGE   : squid
SUMMARY   : Fixes for squid vulnerabilities
DATE      : 2005-01-26 13:41:00
ID        : CLA-2005:923
RELEVANT
RELEASES  : 9, 10

- -------------------------------------------------------------------------

DESCRIPTION
 Squid[1] is a full-featured web proxy cache.
 
 This announcement adds the following patches to Squid:
 
 1.Empty ACLs[2]
   The meaning of the access controls becomes somewhat confusing if
 any of the referenced acls is declared empty, without any members.
 
 2.Fakeauth_auth[3]
   The NTLM fakeauth_auth helper has a memory leak that may cause it
 to run out of memory under high load, or if it runs for a very long
 time. Additionally, a malformed NTLM type 3 message could cause a
 segmentation violation.
 
 3.LDAP spaces[4]
   LDAP is very forgiving about spaces in search filters and this
 could be abused to log in using several variants of the login name,
 possibly bypassing explicit access controls or confusing accounting
 
 4.Non blocking disk[5]
   O_NONBLOCK on disk files is not is not standardized, and results
 may be unexpected. Linux now starts to add O_NONBLOCK support on disk
 files but the implementation is not complete yet and this bites
 Squid.
 
 5.Gopher html parsing[6]
   A malicious gopher server may return a response with very long
 lines that cause a buffer overflow in Squid.
 
 6.WCCP denial of service[7]
   WCCP_I_SEE_YOU messages contain a 'number of caches' field which
 should be between 1 and 32. Values outside that range may crash Squid
 if WCCP is enabled, and if an attacker can spoof UDP packets with the
 WCCP router's IP address.
 
 7.SNMP core dump[8]
   If certain malformed SNMP request is received Squid restarts with a
 Segmentation Fault error.
 
 Aditionally, this announcement increases the Squid's initscript
 timeout for waiting it to stop from 10 seconds to 35 seconds,
 avoiding problems with stuck connections.


SOLUTION
 It is recommended that all squid users upgrade to the latest
 packages. This update will automatically restart the service if it is
 already running.
 
 
 REFERENCES
 1.http://squid.nlanr.net/
 2.http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-empty_acls
 
3.http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth
 
4.http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-ldap_spaces
 
5.http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-non_blocking_disk
 
6.http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-gopher_html_parsing
 
7.http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-wccp_denial_of_service
 
8.http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE6-SNMP_core_dump


UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/10/SRPMS/squid-2.5.5-63116U10_6cl.src.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/squid-2.5.5-63116U10_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/squid-auth-2.5.5-63116U10_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/squid-extra-templates-2.5.5-63116U10_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/SRPMS/squid-2.5.5-25761U90_9cl.src.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/squid-2.5.5-25761U90_9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/squid-auth-2.5.5-25761U90_9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/squid-extra-templates-2.5.5-25761U90_9cl.i386.rpm


ADDITIONAL INSTRUCTIONS
 The apt tool can be used to perform RPM packages upgrades:

 - run:                 apt-get update
 - after that, execute: apt-get upgrade

 Detailed instructions regarding the use of apt and upgrade examples 
 can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en

- -------------------------------------------------------------------------
All packages are signed with Conectiva's GPG key. The key and instructions
on how to import it can be found at 
http://distro.conectiva.com.br/seguranca/chave/?idioma=en
Instructions on how to check the signatures of the RPM packages can be
found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en

- -------------------------------------------------------------------------
All our advisories and generic update instructions can be viewed at
http://distro.conectiva.com.br/atualizacoes/?idioma=en

- -------------------------------------------------------------------------
Copyright (c) 2004 Conectiva Inc.
http://www.conectiva.com

- -------------------------------------------------------------------------
subscribe: conectiva-updates-subscribe@papaleguas.conectiva.com.br
unsubscribe: conectiva-updates-unsubscribe@papaleguas.conectiva.com.br
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQFB97rO42jd0JmAcZARAqCWAJ4zZ3bYMYqrbbmwxOaP1oVCg3W6tACg3k6U
sQB1t8gIRJ1koYueHBDxxKU=
=aVJr
-----END PGP SIGNATURE-----

<Prev in Thread]	Current Thread	[Next in Thread>
[CLA-2005:923] Conectiva Security Announcement - squid, Conectiva Updates <=

Previous by Date:	Re: List of all admin accounts in phpBB, Aaron Klein
Next by Date:	Re: logwatch and logrotate might create a blind spot in reporting, The Tibetan Traveller
Previous by Thread:	Multiple Vulnerabilities in Pocket IE, kers0r
Next by Thread:	NSFOCUS SA2005-01 : Buffer Overflow in WinAMP in_cdda.dll CDA Device Name, NSFOCUS Security Team
Indexes:	[Date] [Thread] [Top] [All Lists]

[CLA-2005:923] Conectiva Security Announcement - squid