drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in squid
| Name: |
Denial of Service in squid |
|
| ID: |
TLSA-2008-15 |
|
| Distribution: |
TurboLinux |
|
| Plattformen: |
Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 11 Server x64 Edition, Turbolinux 11 Server, Turbolinux Appliance Server 1.0 Hosting Edition, Turbolinux Appliance Server 1.0 Workgroup Edition |
|
| Datum: |
Do, 17. April 2008, 03:50 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1612 |
|
| Applikationen: |
Squid |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2008-15
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------
Original released date: 16 Apr 2008
Last revised: 16 Apr 2008
Package: squid
Summary: Squid denial of service attack
More information:
Squid is a high-performance proxy caching server for web clients,
supporting FTP, gopher and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single, non-blocking,
I/O-driven process.
The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows
attackers to cause a denial of service (process exit) via unknown
vectors that cause an array to shrink to 0 entries,
which triggers an assert error. (CVE-2008-1612)
Affected Products:
- Turbolinux 11 Server x64 Edition
- Turbolinux 11 Server
- Turbolinux Appliance Server 2.0
- Turbolinux 10 Server x64 Edition
- Turbolinux Appliance Server 1.0 Hosting Edition
- Turbolinux Appliance Server 1.0 Workgroup Edition
- Turbolinux 10 Server
<Turbolinux 11 Server x64 Edition>
squid-2.6.STABLE16-6.src.rpm
1322812 b84f6f2cbd144fe8b7dcc378c72cb4e1
Binary Packages
Size: MD5
squid-2.6.STABLE16-6.x86_64.rpm
997762 b22b2c37252ada4662a4dbee63b9cd91
<Turbolinux 11 Server>
squid-2.6.STABLE16-6.src.rpm
1322812 b84f6f2cbd144fe8b7dcc378c72cb4e1
Binary Packages
Size: MD5
squid-2.6.STABLE16-6.i686.rpm
947482 d61a0cc969fff843c2392e9a2f7099e9
<Turbolinux Appliance Server 2.0>
Source Packages
Size: MD5
squid-2.5.STABLE10-8.src.rpm
1575038 c85b37ff77342aa3db88d581540a8cb3
Binary Packages
Size: MD5
squid-2.5.STABLE10-8.i586.rpm
882790 c15786be17850d43b56b253c095cd33d
<Turbolinux 10 Server x64 Edition>
Source Packages
Size: MD5
squid-2.5.STABLE10-8.src.rpm
1575038 b837f7f067a5e2010f82b130a81bbd38
Binary Packages
Size: MD5
squid-2.5.STABLE10-8.x86_64.rpm
956279 29ee1397d030bb5fab30f0b952766072
squid-debug-2.5.STABLE10-8.x86_64.rpm
1545936 1e79df54f1baf6b8d9a58c361ab75828
<Turbolinux Appliance Server 1.0 Hosting Edition>
Source Packages
Size: MD5
squid-2.5.STABLE10-8.src.rpm
1575038 93e91e1c90c4647ea5dd809f18637955
Binary Packages
Size: MD5
squid-2.5.STABLE10-8.i586.rpm
856080 c42221a2d8222500cb7097ce7ac865e8
<Turbolinux Appliance Server 1.0 Workgroup Edition>
Source Packages
Size: MD5
squid-2.5.STABLE10-8.src.rpm
1575038 3b61c35c2a2fcf5907608134e48172c0
Binary Packages
Size: MD5
squid-2.5.STABLE10-8.i586.rpm
856557 425f66b97b86451117bfbc6a920b264f
<Turbolinux 10 Server>
Source Packages
Size: MD5
squid-2.5.STABLE10-8.src.rpm
1575038 c85b37ff77342aa3db88d581540a8cb3
Binary Packages
Size: MD5
squid-2.5.STABLE10-8.i586.rpm
882790 c15786be17850d43b56b253c095cd33d
squid-debug-2.5.STABLE10-8.i586.rpm
1549208 6517238e0c94173a84e2ac156972b871
References:
CVE
[CVE-2008-1612]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1612
--------------------------------------------------------------------------
Revision History
16 Apr 2008 Initial release
--------------------------------------------------------------------------
Copyright(C) 2008 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)
iEYEARECAAYFAkgF7MAACgkQK0LzjOqIJMz5tgCgrLqqoiiuuUJmD9VhxKeefsT/
DGIAn3oC00Mos0fKyhxaN5DxIysuJ0yf
=syuZ
-----END PGP SIGNATURE-----
|
|
|
|
