Login
Newsletter
Werbung

Sicherheit: Denial of Service in squid
Aktuelle Meldungen Distributionen
Name: Denial of Service in squid
ID: TLSA-2008-3
Distribution: TurboLinux
Plattformen: Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 11 Server x64 Edition, Turbolinux 11 Server, Turbolinux Appliance Server 1.0 Hosting Edition, Turbolinux Appliance Server 1.0 Workgroup Edition
Datum: Sa, 19. Januar 2008, 03:50
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6239
Applikationen: Squid

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2008-3
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Original released date: 18 Jan 2008
Last revised: 18 Jan 2008

Package: squid

Summary: Squid denial of service attack

More information:
Squid is a high-performance proxy caching server for web clients,
supporting FTP, gopher and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single, non-blocking,
I/O-driven process.

Remote attackers to cause a denial of service (system crash) via crafted
requests.

Impact:
The vulnerability allows remote attackers to cause a denial of service.

Affected Products:
- Turbolinux 11 Server x64 Edition
- Turbolinux 11 Server
- Turbolinux Appliance Server 2.0
- Turbolinux 10 Server x64 Edition
- Turbolinux Appliance Server 1.0 Hosting Edition
- Turbolinux Appliance Server 1.0 Workgroup Edition
- Turbolinux 10 Server


<Turbolinux 11 Server x64 Edition>

squid-2.6.STABLE16-4.src.rpm
1322244 7b0d7cfa1b0d02ba92d6fc51bcc82af6

Binary Packages
Size: MD5

squid-2.6.STABLE16-4.x86_64.rpm
997461 03a4b22fff21f6f6e81827a220ea29cc

<Turbolinux 11 Server>

squid-2.6.STABLE16-4.src.rpm
1322244 bed7159047432f85b84364957f9fc11b

Binary Packages
Size: MD5

squid-2.6.STABLE16-4.i686.rpm
946417 b0765dfec671a75f5890dc3a37486fb3

<Turbolinux Appliance Server 2.0>

Source Packages
Size: MD5

squid-2.5.STABLE10-7.src.rpm
1574643 fb17848266316c5e78292fb46a919fcb

Binary Packages
Size: MD5

squid-2.5.STABLE10-7.i586.rpm
882868 e59aeb901e91e8d17d893c3d68a13387

<Turbolinux 10 Server x64 Edition>

Source Packages
Size: MD5

squid-2.5.STABLE10-7.src.rpm
1574643 0ca98cf6a31082f31b081986c9b2466f

Binary Packages
Size: MD5

squid-2.5.STABLE10-7.x86_64.rpm
956489 e2898593f4cdcbcff69b5c1f7d902798
squid-debug-2.5.STABLE10-7.x86_64.rpm
1546048 8057fcc0523af0e0a8d5ce156b389af7

<Turbolinux Appliance Server 1.0 Hosting Edition>

Source Packages
Size: MD5

squid-2.5.STABLE10-7.src.rpm
1574643 019cfa2574177d439b819b6c2b4b22c6

Binary Packages
Size: MD5

squid-2.5.STABLE10-7.i586.rpm
856243 f28c38d4210f85449c860744756c319a

<Turbolinux Appliance Server 1.0 Workgroup Edition>

Source Packages
Size: MD5

squid-2.5.STABLE10-7.src.rpm
1574643 0e74b141a4bf4c1e08a65fd9ce8160f7

Binary Packages
Size: MD5

squid-2.5.STABLE10-7.i586.rpm
856366 69592a3aa8be62447680aab0efc620cd

<Turbolinux 10 Server>

Source Packages
Size: MD5

squid-2.5.STABLE10-7.src.rpm
1574643 fb17848266316c5e78292fb46a919fcb

Binary Packages
Size: MD5

squid-2.5.STABLE10-7.i586.rpm
882868 e59aeb901e91e8d17d893c3d68a13387
squid-debug-2.5.STABLE10-7.i586.rpm
1549599 8aa2fbe32440552182db2f411ace6c2d


References:

CVE
[CVE-2007-6239]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6239

--------------------------------------------------------------------------
Revision History
18 Jan 2008 Initial release
--------------------------------------------------------------------------

Copyright(C) 2008 Turbolinux, Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)

iEUEARECAAYFAkeQZigACgkQK0LzjOqIJMyocwCfaNooiKEe2MzsbSxVExwfGn+l
BfIAlRNtHhCZHdAjQdehWE8/Dts6s0s=
=D2XR
-----END PGP SIGNATURE-----
Pro-Linux
Pro-Linux @Twitter
Neue Nachrichten
Werbung