Login
Newsletter
Werbung

Sicherheit: Denial of Service in squid
Aktuelle Meldungen Distributionen
Name: Denial of Service in squid
ID: TLSA-2007-23
Distribution: TurboLinux
Plattformen: Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 8 Server, Turbolinux Appliance Server 1.0 Hosting Edition, Turbolinux Appliance Server 1.0 Workgroup Edition
Datum: Mi, 4. April 2007, 03:50
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1560
Applikationen: Squid

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2007-23
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Original released date: 03 Apr 2007
Last revised: 03 Apr 2007

Package: squid

Summary: Squid denial of service attack

More information:
Squid is a high-performance proxy caching server for web clients,
supporting FTP, gopher and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single, non-blocking,
I/O-driven process.

Remote attackers to cause a denial of service (system crash) via crafted
TRACE requests that trigger an assertion error.

Impact:
The vulnerability allows remote attackers to cause a denial of service.

Affected Products:
- Turbolinux Appliance Server 2.0
- Turbolinux 10 Server x64 Edition
- Turbolinux Appliance Server 1.0 Hosting Edition
- Turbolinux Appliance Server 1.0 Workgroup Edition
- Turbolinux 10 Server
- Turbolinux 8 Server


<Turbolinux Appliance Server 2.0>

Source Packages
Size: MD5

squid-2.5.STABLE10-6.src.rpm
1573615 43e8f1af8278616a567a64a1c9528b44

Binary Packages
Size: MD5

squid-2.5.STABLE10-6.i586.rpm
882430 93c6e317e721186bf0ad262400118454

<Turbolinux 10 Server x64 Edition>

Source Packages
Size: MD5

squid-2.5.STABLE10-6.src.rpm
1573615 5c8b93904be2060ef6a68fb9a376b014

Binary Packages
Size: MD5

squid-2.5.STABLE10-6.x86_64.rpm
955489 3b7cc4de3485489819a58c661b6bdcad
squid-debug-2.5.STABLE10-6.x86_64.rpm
1546212 ed456d09522a19eacefb80e3e7f85b57

<Turbolinux Appliance Server 1.0 Hosting Edition>

Source Packages
Size: MD5

squid-2.5.STABLE10-6.src.rpm
1573615 084b1fd2197234b3349b5cd02168ddeb

Binary Packages
Size: MD5

squid-2.5.STABLE10-6.i586.rpm
855796 46e160f5d6053e49f00fd779ca00fa64

<Turbolinux Appliance Server 1.0 Workgroup Edition>

Source Packages
Size: MD5

squid-2.5.STABLE10-6.src.rpm
1573615 b1dc33398f273155eb4c0d32a03b5f2e

Binary Packages
Size: MD5

squid-2.5.STABLE10-6.i586.rpm
856232 ccb9e1f605b411f292942838d6fae32e

<Turbolinux 10 Server>

Source Packages
Size: MD5

squid-2.5.STABLE10-6.src.rpm
1573615 43e8f1af8278616a567a64a1c9528b44

Binary Packages
Size: MD5

squid-2.5.STABLE10-6.i586.rpm
882430 93c6e317e721186bf0ad262400118454
squid-debug-2.5.STABLE10-6.i586.rpm
1550581 9ad543ac4ed93402033314899d8d9149

<Turbolinux 8 Server>

Source Packages
Size: MD5

squid-2.5.STABLE10-6.src.rpm
1573615 22a0615b337932da9ed73cc015769f79

Binary Packages
Size: MD5

squid-2.5.STABLE10-6.i586.rpm
858321 64088f2aff4f508d5b8df7f4f9cba60c


References:

CVE
[CVE-2007-1560]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1560

--------------------------------------------------------------------------
Revision History
03 Apr 2007 Initial release
--------------------------------------------------------------------------

Copyright(C) 2007 Turbolinux, Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGEhE/K0LzjOqIJMwRAszyAJ9E5bKo3LsSL0CmlJ65URJiQ6H2MgCffh+q
yGhOe8E6R8zZys81JpygGWQ=
=c6IN
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung