Executive Summary
Summary

Field | Value
---|---
Title | squid security update

Information

Field | Value
---|---
Name | RHSA-2011:1791
Vendor | RedHat
Severity (Vendor) | Moderate
First vendor Publication | 2011-12-06
Last vendor Modification | 2011-12-06
Revision | 01
Security-Database Scoring CVSS v3

Cvss vector : N/A

Metric | Value
---|---
Overall CVSS Score | NA
Base Score | NA
Environmental Score | NA
Impact Sub Score | NA
Temporal Score | NA
Exploitability Sub Score | NA
Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Metric | Value
---|---
Cvss Base Score | 5
Cvss Impact Score | 2.9
Cvss Exploit Score | 10
Attack Range | Network
Attack Complexity | Low
Authentication | None Required
Detail
Problem Description:

An updated squid package that fixes one security issue is now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.

An input validation flaw was found in the way Squid calculated the total number of resource records in the answer section of multiple name server responses. An attacker could use this flaw to cause Squid to crash. (CVE-2011-4096)

Users of squid should upgrade to this updated package, which contains a backported patch to correct this issue. After installing this update, the squid service will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

750316 - CVE-2011-4096 squid: Invalid free by processing CNAME DNS record pointing to another CNAME record pointing to an empty A-record
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2011-1791.html
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-399 | Resource Management Errors |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15315

Field | Value
---|---
Oval ID | oval:org.mitre.oval:def:15315
Title | DSA-2381-1 squid3 -- invalid memory deallocation
Description | It was discovered that the IPv6 support code in Squid does not properly handle certain DNS responses, resulting in deallocation of an invalid pointer and a daemon crash. The squid package and the version of squid3 shipped in lenny lack IPv6 support and are not affected by this issue.
Family | unix
Class | patch
Reference(s) | DSA-2381-1, CVE-2011-4096
Version | 5
Platform(s) | Debian GNU/Linux 6.0, Debian GNU/kFreeBSD 6.0
Product(s) | squid3
Definition Id: oval:org.mitre.oval:def:22004

Field | Value
---|---
Oval ID | oval:org.mitre.oval:def:22004
Title | RHSA-2011:1791: squid security update (Moderate)
Description | The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record.
Family | unix
Class | patch
Reference(s) | RHSA-2011:1791-01, CESA-2011:1791, CVE-2011-4096
Version | 4
Platform(s) | Red Hat Enterprise Linux 6, CentOS Linux 6
Product(s) | squid
Definition Id: oval:org.mitre.oval:def:23282

Field | Value
---|---
Oval ID | oval:org.mitre.oval:def:23282
Title | ELSA-2011:1791: squid security update (Moderate)
Description | The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service (daemon abort) via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record.
Family | unix
Class | patch
Reference(s) | ELSA-2011:1791-01, CVE-2011-4096
Version | 6
Platform(s) | Oracle Linux 6
Product(s) | squid
Definition Id: oval:org.mitre.oval:def:28153

Field | Value
---|---
Oval ID | oval:org.mitre.oval:def:28153
Title | DEPRECATED: ELSA-2011-1791 -- squid security update (moderate)
Description | [-7:3.1.10-1.el6_2.1] - Resolves: #755016 - CVE-2011-4096: Invalid free by processing CNAME DNS record
Family | unix
Class | patch
Reference(s) | ELSA-2011-1791, CVE-2011-4096
Version | 4
Platform(s) | Oracle Linux 6
Product(s) | squid
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Name | File
---|---|---
2012-07-30 | CentOS Update for squid CESA-2011:1791 centos6 | nvt/gb_CESA-2011_1791_squid_centos6.nasl
2012-07-09 | RedHat Update for squid RHSA-2011:1791-01 | nvt/gb_RHSA-2011_1791-01_squid.nasl
2012-02-11 | Debian Security Advisory DSA 2381-1 (squid3) | nvt/deb_2381_1.nasl
2011-11-18 | Fedora Update for squid FEDORA-2011-15233 | nvt/gb_fedora_2011_15233_squid_fc15.nasl
2011-11-18 | Fedora Update for squid FEDORA-2011-15256 | nvt/gb_fedora_2011_15256_squid_fc14.nasl
2011-11-01 | Squid Proxy Caching Server CNAME Denial of Service Vulnerability | nvt/gb_squid_50449.nasl
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
76742 | Squid DNS Replies CName Record Parsing Remote DoS |
Snort® IPS/IDS
Date | Description | Rule ID | Revision | Type
---|---|---|---|---
2019-10-15 | Squid proxy DNS CNAME record response denial of service attempt | 51485 | 1 | SERVER-OTHER
Nessus® Vulnerability Scanner
Date | Name | File | Type
---|---|---|---
2016-09-02 | The remote SUSE host is missing one or more security updates. | suse_SU-2016-1996-1.nasl | ACT_GATHER_INFO
2016-09-02 | The remote SUSE host is missing one or more security updates. | suse_SU-2016-2089-1.nasl | ACT_GATHER_INFO
2014-06-13 | The remote openSUSE host is missing a security update. | suse_11_4_squid3-111222.nasl | ACT_GATHER_INFO
2013-09-28 | The remote Gentoo host is missing one or more security-related patches. | gentoo_GLSA-201309-22.nasl | ACT_GATHER_INFO
2013-07-12 | The remote Oracle Linux host is missing a security update. | oraclelinux_ELSA-2011-1791.nasl | ACT_GATHER_INFO
2012-09-06 | The remote Mandriva Linux host is missing one or more security updates. | mandriva_MDVSA-2011-193.nasl | ACT_GATHER_INFO
2012-08-01 | The remote Scientific Linux host is missing one or more security updates. | sl_20111206_squid_on_SL6_x.nasl | ACT_GATHER_INFO
2012-01-30 | The remote SuSE 11 host is missing a security update. | suse_11_squid3-111222.nasl | ACT_GATHER_INFO
2012-01-12 | The remote Debian host is missing a security-related update. | debian_DSA-2381.nasl | ACT_GATHER_INFO
2011-12-23 | The remote CentOS host is missing a security update. | centos_RHSA-2011-1791.nasl | ACT_GATHER_INFO
2011-12-14 | The remote proxy server is affected by a denial of service vulnerability. | squid_3_1_16.nasl | ACT_GATHER_INFO
2011-12-07 | The remote Red Hat host is missing one or more security updates. | redhat-RHSA-2011-1791.nasl | ACT_GATHER_INFO
2011-11-18 | The remote Fedora host is missing a security update. | fedora_2011-15233.nasl | ACT_GATHER_INFO
2011-11-18 | The remote Fedora host is missing a security update. | fedora_2011-15256.nasl | ACT_GATHER_INFO
Alert History
Date | Information
---|---
2014-02-17 11:55:24 | 