Executive Summary
Summary | |
---|---|
Title | squid security update |
Informations | |||
---|---|---|---|
Name | RHSA-2005:415 | First vendor Publication | 2005-06-14 |
Vendor | RedHat | Last vendor Modification | 2005-06-14 |
Severity (Vendor) | Low | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: An updated squid package that fixes several security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Squid is a full-featured Web proxy cache. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 125007 - insecure permissions for squid.conf 150232 - CAN-2005-0626 Cookie leak in squid 150907 - LDAP Authentication fails with an assertion error. 151412 - CAN-2005-1345 Unexpected access control results on configuration errors 151423 - CAN-2005-0718 Segmentation fault on failed PUT/POST request 156161 - CVE-1999-0710 cachemgr.cgi access control bypass 157455 - CAN-2005-1519 DNS lookups unreliable on untrusted networks |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2005-415.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10071 | |||
Oval ID: | oval:org.mitre.oval:def:10071 | ||
Title: | The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems. | ||
Description: | The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-1999-0710 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10513 | |||
Oval ID: | oval:org.mitre.oval:def:10513 | ||
Title: | Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator. | ||
Description: | Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1345 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11169 | |||
Oval ID: | oval:org.mitre.oval:def:11169 | ||
Title: | Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows attackers to steal the related cookies. | ||
Description: | Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows attackers to steal the related cookies. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0626 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11562 | |||
Oval ID: | oval:org.mitre.oval:def:11562 | ||
Title: | Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection during a (1) PUT or (2) POST request, which causes Squid to access previously freed memory. | ||
Description: | Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection during a (1) PUT or (2) POST request, which causes Squid to access previously freed memory. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-0718 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9976 | |||
Oval ID: | oval:org.mitre.oval:def:9976 | ||
Title: | Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups. | ||
Description: | Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-1519 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for squid File : nvt/sles9p5012630.nasl |
2009-10-10 | Name : SLES9: Security update for squid File : nvt/sles9p5015546.nasl |
2008-09-04 | Name : FreeBSD Ports: squid File : nvt/freebsd_squid.nasl |
2008-09-04 | Name : FreeBSD Ports: squid File : nvt/freebsd_squid13.nasl |
2008-09-04 | Name : FreeBSD Ports: squid File : nvt/freebsd_squid14.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 576-1 (squid) File : nvt/deb_576_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 721-1 (squid) File : nvt/deb_721_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 751-1 (squid) File : nvt/deb_751_1.nasl |
2005-11-03 | Name : RedHat 6.0 cachemgr.cgi File : nvt/cachemgr_cgi.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
16335 | Squid DNS Lookup Spoofing Squid Proxy contains a flaw that may allow a malicious user to spoof DNS lookups. The issue is triggered when an unspecified error occur in the DNS client while handling DNS responses. It is possible that the flaw may allow a malicious user to spoof DNS lookups resulting in a loss of integrity. |
15912 | Squid Malformed ACL http_access Restriction Bypass |
15443 | Squid Aborted PUT/POST Request DoS |
14354 | Squid Set-Cookie Header Cross-session Information Disclosure |
28 | Squid cachemgr.cgi Proxied Port Scanning This host is running the Squid Proxy server 'cachemanager' CGI. The cache manager CGI program, by default, contains no restricts or access permissions. With a malformed request, an intruder can use this script to launch port scans from the server. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Squid proxy DNS response spoofing attempt RuleID : 17495 - Revision : 9 - Type : SERVER-OTHER |
2014-01-10 | cachemgr.cgi access RuleID : 1206-community - Revision : 18 - Type : SERVER-WEBAPP |
2014-01-10 | cachemgr.cgi access RuleID : 1206 - Revision : 18 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2006-07-03 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2005-415.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-93-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-129-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-122-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-111-1.nasl - Type : ACT_GATHER_INFO |
2005-07-20 | Name : The remote proxy server is affected by an information disclosure issue. File : squid_set_cookie_headers.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_7e97b288c7ca11d99e1ec296ac722cb3.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_8dbf7894a9a811d9a7880001020eed82.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_a395397cc7c811d99e1ec296ac722cb3.nasl - Type : ACT_GATHER_INFO |
2005-07-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-751.nasl - Type : ACT_GATHER_INFO |
2005-06-25 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2005-104.nasl - Type : ACT_GATHER_INFO |
2005-06-16 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-415.nasl - Type : ACT_GATHER_INFO |
2005-06-13 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-489.nasl - Type : ACT_GATHER_INFO |
2005-05-19 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-373.nasl - Type : ACT_GATHER_INFO |
2005-05-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-721.nasl - Type : ACT_GATHER_INFO |
2005-05-02 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2005-078.nasl - Type : ACT_GATHER_INFO |
2004-11-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-576.nasl - Type : ACT_GATHER_INFO |
1999-08-22 | Name : The remote web server contains a CGI application that has no access restricti... File : cachemgr_cgi.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:49:21 |
|
2013-05-11 12:23:03 |
|