SUSE-SA:2005:008: squid

medium Nessus Plugin ID 17198

Synopsis

The remote host is missing a vendor-supplied security patch

Description

The remote host is missing the patch for the advisory SUSE-SA:2005:008 (squid).


Squid is an Open Source web proxy.

A remote attacker was potentially able to crash the Squid web proxy if the log_fqdn option was set to 'on' and the DNS replies were manipulated.

This is tracked by the Mitre CVE ID CVE-2005-0446.

This update also fixes a defect in the last security update patch (CVE-2005-0241).

Solution

http://www.suse.de/security/advisories/2005_08_squid.html

Plugin Details

Severity: Medium

ID: 17198

File Name: suse_SA_2005_008.nasl

Version: 1.11

Agent: unix

Published: 2/23/2005

Updated: 1/14/2021

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list

Reference Information

CVE: CVE-2005-0446