Package : squid Vulnerability : IP spoofing Problem-Type : remote Debian-specific: no CVE ID : CAN-2005-1519 Debian Bug : 309504
The upstream developers have discovered a bug in the DNS lookup code of Squid, the popular WWW proxy cache. When the DNS client UDP port (assigned by the operating system at startup) is unfiltered and the network is not protected from IP spoofing, malicious users can spoof DNS lookups which could result in users being redirected to arbitrary web sites.
For the old stable distribution (woody) this problem has been fixed in version 2.4.6-2woody9.
For the stable distribution (sarge) this problem has already been fixed in version squid-2.5.9-9.
For the unstable distribution (sid) this problem has already been fixed in version squid-2.5.9-9.
We recommend that you upgrade your squid package.
Upgrade Instructions --------------------
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody --------------------------------