Executive Summary
Summary | |
---|---|
Title | New Squid packages fix several vulnerabilities |
Informations | |||
---|---|---|---|
Name | DSA-576 | First vendor Publication | 2004-10-29 |
Vendor | Debian | Last vendor Modification | 2004-10-29 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several security vulnerabilities have been discovered in Squid, the internet object cache, the popular WWW proxy cache. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-1999-0710 It is possible to bypass access lists and scan arbitrary hosts and ports in the network through cachemgr.cgi, which is installed by default. This update disables this feature and introduces a configuration file (/etc/squid/cachemgr.conf) to control this behavier. CAN-2004-0918 The asn_parse_header function (asn1.c) in the SNMP module for Squid allows remote attackers to cause a denial of service via certain SNMP packets with negative length fields that causes a memory allocation error. For the stable distribution (woody) these problems have been fixed in version 2.4.6-2woody4. For the unstable distribution (sid) these problems have been fixed in version 2.5.7-1. We recommend that you upgrade your squid package. |
Original Source
Url : http://www.debian.org/security/2004/dsa-576 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-399 | Resource Management Errors |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10071 | |||
Oval ID: | oval:org.mitre.oval:def:10071 | ||
Title: | The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems. | ||
Description: | The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-1999-0710 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10931 | |||
Oval ID: | oval:org.mitre.oval:def:10931 | ||
Title: | The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error. | ||
Description: | The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0918 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for squid File : nvt/sles9p5015546.nasl |
2009-10-10 | Name : SLES9: Security update for squid File : nvt/sles9p5020697.nasl |
2009-02-17 | Name : Fedora Update for squid FEDORA-2008-6045 File : nvt/gb_fedora_2008_6045_squid_fc9.nasl |
2009-02-13 | Name : Fedora Core 9 FEDORA-2009-1517 (squid) File : nvt/fcore_2009_1517.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200410-15 (squid) File : nvt/glsa_200410_15.nasl |
2008-09-04 | Name : FreeBSD Ports: squid File : nvt/freebsd_squid10.nasl |
2008-09-04 | Name : FreeBSD Ports: squid File : nvt/freebsd_squid13.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 576-1 (squid) File : nvt/deb_576_1.nasl |
2005-11-03 | Name : RedHat 6.0 cachemgr.cgi File : nvt/cachemgr_cgi.nasl |
2005-11-03 | Name : Squid remote denial of service File : nvt/squid_rdos.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
10675 | Squid Web Proxy Cache SNMP Module asn_parse_header() Function Remote DoS Squid Web Proxy Cache contains a flaw that may allow a remote denial of service. The issue is triggered due to an ASN1 parsing error where certain header length combinations can bypass the validations performed by the ASN1 parser, eventually resulting in loss of availability for the service. |
28 | Squid cachemgr.cgi Proxied Port Scanning This host is running the Squid Proxy server 'cachemanager' CGI. The cache manager CGI program, by default, contains no restricts or access permissions. With a malformed request, an intruder can use this script to launch port scans from the server. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Squid ASN.1 header parsing denial of service attempt RuleID : 15989 - Revision : 5 - Type : SERVER-OTHER |
2014-01-10 | cachemgr.cgi access RuleID : 1206-community - Revision : 18 - Type : SERVER-WEBAPP |
2014-01-10 | cachemgr.cgi access RuleID : 1206 - Revision : 18 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-04-23 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_65e99f521c5f11d9bc4a000c41e2cdad.nasl - Type : ACT_GATHER_INFO |
2009-02-13 | Name : The remote Fedora host is missing a security update. File : fedora_2009-1517.nasl - Type : ACT_GATHER_INFO |
2008-07-08 | Name : The remote Fedora host is missing a security update. File : fedora_2008-6045.nasl - Type : ACT_GATHER_INFO |
2006-07-03 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2005-415.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-19-1.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_a395397cc7c811d99e1ec296ac722cb3.nasl - Type : ACT_GATHER_INFO |
2005-06-16 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-415.nasl - Type : ACT_GATHER_INFO |
2005-06-13 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-489.nasl - Type : ACT_GATHER_INFO |
2005-05-19 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-373.nasl - Type : ACT_GATHER_INFO |
2004-11-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-576.nasl - Type : ACT_GATHER_INFO |
2004-10-22 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2004-112.nasl - Type : ACT_GATHER_INFO |
2004-10-21 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2004-591.nasl - Type : ACT_GATHER_INFO |
2004-10-19 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200410-15.nasl - Type : ACT_GATHER_INFO |
2004-10-14 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-338.nasl - Type : ACT_GATHER_INFO |
2004-10-12 | Name : The remote proxy server is prone to a denial of service attack. File : squid_rdos.nasl - Type : ACT_GATHER_INFO |
1999-08-22 | Name : The remote web server contains a CGI application that has no access restricti... File : cachemgr_cgi.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:33:32 |
|
2013-05-11 12:18:43 |
|