Detections
Analytics
Debian DSA-667-1 : squid - several vulnerabilities
critical Nessus Plugin ID 16341
Synopsis
The remote Debian host is missing a security-related update.Description
Several vulnerabilities have been discovered in Squid, the internet object cache, the popular WWW proxy cache. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities :- CAN-2005-0173 LDAP is very forgiving about spaces in search filters and this could be abused to log in using several variants of the login name, possibly bypassing explicit access controls or confusing accounting.
- CAN-2005-0175
Cache pollution/poisoning via HTTP response splitting has been discovered.
- CAN-2005-0194
The meaning of the access controls becomes somewhat confusing if any of the referenced ACLs (access control lists) is declared empty, without any members.
- CAN-2005-0211
The length argument of the WCCP recvfrom() call is larger than it should be. An attacker may send a larger than normal WCCP packet that could overflow a buffer.
Solution
Upgrade the squid package.For the stable distribution (woody) these problems have been fixed in version 2.4.6-2woody6.
See Also
Plugin Details
Severity: Critical
ID: 16341
File Name: debian_DSA-667.nasl
Version: 1.22
Type: local
Agent: unix
Family: Debian Local Security Checks
Published: 2/10/2005
Updated: 1/4/2021
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: p-cpe:/a:debian:debian_linux:squid, cpe:/o:debian:debian_linux:3.0
Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l
Patch Publication Date: 2/4/2005
Vulnerability Publication Date: 12/22/2004
Reference Information
CVE: CVE-2005-0173, CVE-2005-0174, CVE-2005-0175, CVE-2005-0194, CVE-2005-0211