Executive Summary
Summary | |
---|---|
Title | Updated squid package fixes vulnerability |
Informations | |||
---|---|---|---|
Name | RHSA-2004:591 | First vendor Publication | 2004-10-20 |
Vendor | RedHat | Last vendor Modification | 2004-10-20 |
Severity (Vendor) | N/A | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: An updated squid package that fixes a remote denial of service vulnerability is now avaliable. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: Squid is a full-featured Web proxy cache. iDEFENSE reported a flaw in the squid SNMP module. This flaw could allow an attacker who has the ability to send arbitrary packets to the SNMP port to restart the server, causing it to drop all open connections. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0918 to this issue. All users of squid should update to this erratum package, which contains a backport of the security fix for this vulnerability. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info): 135319 - CAN-2004-0918 SNMP DoS |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2004-591.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-399 | Resource Management Errors |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10931 | |||
Oval ID: | oval:org.mitre.oval:def:10931 | ||
Title: | The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error. | ||
Description: | The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0918 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for squid File : nvt/sles9p5020697.nasl |
2009-02-17 | Name : Fedora Update for squid FEDORA-2008-6045 File : nvt/gb_fedora_2008_6045_squid_fc9.nasl |
2009-02-13 | Name : Fedora Core 9 FEDORA-2009-1517 (squid) File : nvt/fcore_2009_1517.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200410-15 (squid) File : nvt/glsa_200410_15.nasl |
2008-09-04 | Name : FreeBSD Ports: squid File : nvt/freebsd_squid10.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 576-1 (squid) File : nvt/deb_576_1.nasl |
2005-11-03 | Name : Squid remote denial of service File : nvt/squid_rdos.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
10675 | Squid Web Proxy Cache SNMP Module asn_parse_header() Function Remote DoS Squid Web Proxy Cache contains a flaw that may allow a remote denial of service. The issue is triggered due to an ASN1 parsing error where certain header length combinations can bypass the validations performed by the ASN1 parser, eventually resulting in loss of availability for the service. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Squid ASN.1 header parsing denial of service attempt RuleID : 15989 - Revision : 5 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-04-23 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_65e99f521c5f11d9bc4a000c41e2cdad.nasl - Type : ACT_GATHER_INFO |
2009-02-13 | Name : The remote Fedora host is missing a security update. File : fedora_2009-1517.nasl - Type : ACT_GATHER_INFO |
2008-07-08 | Name : The remote Fedora host is missing a security update. File : fedora_2008-6045.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-19-1.nasl - Type : ACT_GATHER_INFO |
2004-11-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-576.nasl - Type : ACT_GATHER_INFO |
2004-10-22 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2004-112.nasl - Type : ACT_GATHER_INFO |
2004-10-21 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2004-591.nasl - Type : ACT_GATHER_INFO |
2004-10-19 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200410-15.nasl - Type : ACT_GATHER_INFO |
2004-10-14 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-338.nasl - Type : ACT_GATHER_INFO |
2004-10-12 | Name : The remote proxy server is prone to a denial of service attack. File : squid_rdos.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:48:44 |
|