Executive Summary
Summary | |
---|---|
Title | New squid packages fix array bounds check |
Informations | |||
---|---|---|---|
Name | DSA-1646 | First vendor Publication | 2008-10-07 |
Vendor | Debian | Last vendor Modification | 2008-10-11 |
Severity (Vendor) | N/A | Revision | 2 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
In DSA 1646-1, an update was announced for a denial of service vulnerability in squid, a caching proxy server. Due to an error in packaging and in testing, the updated packages did not correct the weakness. An updated release is available which corrects the error. For reference, the original advisory text follows. A weakness has been discovered in squid, a caching proxy server. The flaw was introduced upstream in response to CVE-2007-6239, and announced by Debian in DSA-1482-1. The flaw involves an over-aggressive bounds check on an array resize, and could be exploited by an authorized client to induce a denial of service condition against squid. For the stable distribution (etch), these problems have been fixed in version 2.6.5-6etch4. We recommend that you upgrade your squid packages. |
Original Source
Url : http://www.debian.org/security/2008/dsa-1646 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10915 | |||
Oval ID: | oval:org.mitre.oval:def:10915 | ||
Title: | The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects. | ||
Description: | The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2007-6239 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11376 | |||
Oval ID: | oval:org.mitre.oval:def:11376 | ||
Title: | The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows attackers to cause a denial of service (process exit) via unknown vectors that cause an array to shrink to 0 entries, which triggers an assert error. NOTE: this issue is due to an incorrect fix for CVE-2007-6239. | ||
Description: | The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows attackers to cause a denial of service (process exit) via unknown vectors that cause an array to shrink to 0 entries, which triggers an assert error. NOTE: this issue is due to an incorrect fix for CVE-2007-6239. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-1612 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17664 | |||
Oval ID: | oval:org.mitre.oval:def:17664 | ||
Title: | USN-601-1 -- squid vulnerability | ||
Description: | It was discovered that Squid did not perform proper bounds checking when processing cache update replies. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-601-1 CVE-2007-6239 CVE-2008-1612 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | squid |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17749 | |||
Oval ID: | oval:org.mitre.oval:def:17749 | ||
Title: | USN-565-1 -- squid vulnerability | ||
Description: | It was discovered that Squid did not always clean up cache memory correctly. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-565-1 CVE-2007-6239 | Version: | 7 |
Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 Ubuntu 7.10 | Product(s): | squid |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18736 | |||
Oval ID: | oval:org.mitre.oval:def:18736 | ||
Title: | DSA-1646-2 squid - array bounds check | ||
Description: | A weakness has been discovered in squid, a caching proxy server. The flaw was introduced upstream in response to <a href="http://security-tracker.debian.org/tracker/CVE-2007-6239">CVE-2007-6239</a>, and announced by Debian in <a href="dsa-1482">DSA-1482-1</a>. The flaw involves an over-aggressive bounds check on an array resize, and could be exploited by an authorised client to induce a denial of service condition against squid. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1646-2 CVE-2008-1612 CVE-2007-6239 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | squid |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:19956 | |||
Oval ID: | oval:org.mitre.oval:def:19956 | ||
Title: | DSA-1482-1 squid - programming error | ||
Description: | It was discovered that malformed cache update replies against the Squid WWW proxy cache could lead to the exhaustion of system memory, resulting in potential denial of service. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1482-1 CVE-2007-6239 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | squid |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21708 | |||
Oval ID: | oval:org.mitre.oval:def:21708 | ||
Title: | ELSA-2007:1130: squid security update (Moderate) | ||
Description: | The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2007:1130-01 CVE-2007-6239 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | squid |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22702 | |||
Oval ID: | oval:org.mitre.oval:def:22702 | ||
Title: | ELSA-2008:0214: squid security update (Moderate) | ||
Description: | The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows attackers to cause a denial of service (process exit) via unknown vectors that cause an array to shrink to 0 entries, which triggers an assert error. NOTE: this issue is due to an incorrect fix for CVE-2007-6239. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0214-01 CVE-2008-1612 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | squid |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7232 | |||
Oval ID: | oval:org.mitre.oval:def:7232 | ||
Title: | DSA-1646 squid -- array bounds check | ||
Description: | A weakness has been discovered in squid, a caching proxy server. The flaw was introduced upstream in response to CVE-2007-6239, and announced by Debian in DSA-1482-1. The flaw involves an over-aggressive bounds check on an array resize, and could be exploited by an authorised client to induce a denial of service condition against squid. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1646 CVE-2008-1612 CVE-2007-6239 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | squid |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:7991 | |||
Oval ID: | oval:org.mitre.oval:def:7991 | ||
Title: | DSA-1482 squid -- programming error | ||
Description: | It was discovered that malformed cache update replies against the Squid WWW proxy cache could lead to the exhaustion of system memory, resulting in potential denial of service. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1482 CVE-2007-6239 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | squid |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-13 | Name : SLES10: Security update for squid File : nvt/sles10_squid0.nasl |
2009-10-13 | Name : SLES10: Security update for Squid File : nvt/sles10_squid.nasl |
2009-10-10 | Name : SLES9: Security update for squid File : nvt/sles9p5024260.nasl |
2009-10-10 | Name : SLES9: Security update for squid File : nvt/sles9p5015636.nasl |
2009-04-09 | Name : Mandriva Update for squid MDVSA-2008:134 (squid) File : nvt/gb_mandriva_MDVSA_2008_134.nasl |
2009-04-09 | Name : Mandriva Update for squid MDVSA-2008:002 (squid) File : nvt/gb_mandriva_MDVSA_2008_002.nasl |
2009-03-31 | Name : Gentoo Security Advisory GLSA 200903-38 (Squid) File : nvt/glsa_200903_38.nasl |
2009-03-23 | Name : Ubuntu Update for squid vulnerability USN-601-1 File : nvt/gb_ubuntu_USN_601_1.nasl |
2009-03-23 | Name : Ubuntu Update for squid vulnerability USN-565-1 File : nvt/gb_ubuntu_USN_565_1.nasl |
2009-03-06 | Name : RedHat Update for squid RHSA-2008:0214-01 File : nvt/gb_RHSA-2008_0214-01_squid.nasl |
2009-03-06 | Name : RedHat Update for squid RHSA-2007:1130-01 File : nvt/gb_RHSA-2007_1130-01_squid.nasl |
2009-02-27 | Name : CentOS Update for squid CESA-2008:0214 centos4 x86_64 File : nvt/gb_CESA-2008_0214_squid_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for squid CESA-2007:1130-04 centos2 i386 File : nvt/gb_CESA-2007_1130-04_squid_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for squid CESA-2007:1130 centos3 i386 File : nvt/gb_CESA-2007_1130_squid_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for squid CESA-2007:1130 centos3 x86_64 File : nvt/gb_CESA-2007_1130_squid_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for squid CESA-2007:1130 centos4 i386 File : nvt/gb_CESA-2007_1130_squid_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for squid CESA-2007:1130 centos4 x86_64 File : nvt/gb_CESA-2007_1130_squid_centos4_x86_64.nasl |
2009-02-27 | Name : CentOS Update for squid CESA-2008:0214-01 centos2 i386 File : nvt/gb_CESA-2008_0214-01_squid_centos2_i386.nasl |
2009-02-27 | Name : CentOS Update for squid CESA-2008:0214 centos3 i386 File : nvt/gb_CESA-2008_0214_squid_centos3_i386.nasl |
2009-02-27 | Name : Fedora Update for squid FEDORA-2007-4170 File : nvt/gb_fedora_2007_4170_squid_fc8.nasl |
2009-02-27 | Name : Fedora Update for squid FEDORA-2007-4161 File : nvt/gb_fedora_2007_4161_squid_fc7.nasl |
2009-02-27 | Name : CentOS Update for squid CESA-2008:0214 centos3 x86_64 File : nvt/gb_CESA-2008_0214_squid_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for squid CESA-2008:0214 centos4 i386 File : nvt/gb_CESA-2008_0214_squid_centos4_i386.nasl |
2009-02-16 | Name : Fedora Update for squid FEDORA-2008-2740 File : nvt/gb_fedora_2008_2740_squid_fc8.nasl |
2008-11-01 | Name : Debian Security Advisory DSA 1646-2 (squid) File : nvt/deb_1646_2.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200801-05 (squid) File : nvt/glsa_200801_05.nasl |
2008-09-04 | Name : FreeBSD Ports: squid File : nvt/freebsd_squid21.nasl |
2008-02-15 | Name : Debian Security Advisory DSA 1482-1 (squid) File : nvt/deb_1482_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
44276 | Squid lib/Array.c arrayShrink Function Assert Error Unspecified DoS |
39381 | Squid Cache Update Reply Processing Remote DoS |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Multiple Products excessive HTTP 304 Not Modified responses exploit attempt RuleID : 16008 - Revision : 18 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2007-1130.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0214.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20080408_squid_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20071218_squid_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_squid-5301.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12135.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12004.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-002.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-134.nasl - Type : ACT_GATHER_INFO |
2009-03-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200903-38.nasl - Type : ACT_GATHER_INFO |
2008-10-07 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1646.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_squid-5157.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote openSUSE host is missing a security update. File : suse_squid-5155.nasl - Type : ACT_GATHER_INFO |
2008-05-01 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2740.nasl - Type : ACT_GATHER_INFO |
2008-04-17 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2008-0214.nasl - Type : ACT_GATHER_INFO |
2008-04-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-601-1.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0214.nasl - Type : ACT_GATHER_INFO |
2008-02-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1482.nasl - Type : ACT_GATHER_INFO |
2008-01-10 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200801-05.nasl - Type : ACT_GATHER_INFO |
2008-01-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-565-1.nasl - Type : ACT_GATHER_INFO |
2007-12-31 | Name : The remote openSUSE host is missing a security update. File : suse_squid-4779.nasl - Type : ACT_GATHER_INFO |
2007-12-31 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_squid-4782.nasl - Type : ACT_GATHER_INFO |
2007-12-19 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-1130.nasl - Type : ACT_GATHER_INFO |
2007-12-19 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2007-1130.nasl - Type : ACT_GATHER_INFO |
2007-12-17 | Name : The remote Fedora host is missing a security update. File : fedora_2007-4170.nasl - Type : ACT_GATHER_INFO |
2007-12-17 | Name : The remote Fedora host is missing a security update. File : fedora_2007-4161.nasl - Type : ACT_GATHER_INFO |
2007-12-07 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_6eb580d7a29c11dc8919001c2514716c.nasl - Type : ACT_GATHER_INFO |
2007-12-04 | Name : The remote proxy server is prone to a denial of service attack. File : squid_2_6_17.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:27:54 |
|
2013-05-11 00:43:06 |
|