int(1932)

Vulnerability Bulletins


Denegación de servicio en Squid

Vulnerability classification

Property Value
Confidence level Oficial
Impact Denegación de Servicio
Dificulty Experto
Required attacker level Acceso remoto sin cuenta a un servicio estandar

System information

Property Value
Affected manufacturer GNU/Linux
Affected software Squid <= 2.5.STABLE11

Description

Se ha descubierto una vulnerabilidad en Squid versión 2.5.STABLE11 y anteriores. La vulnerabilidad reside en que la función "rfc1738_do_escape" en "ftp.c" no maneja correctamente ciertas respuestas.

Un servidor FTP malicioso podría causar una denegación de servicio mediante ciertas respuestas especialmente diseñadas.

Solution



Actualización de software

Mandriva

Corporate Server 2.1
X86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/squid-2.4.STABLE7-2.10.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/SRPMS/squid-2.4.STABLE7-2.10.C21mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/squid-2.4.STABLE7-2.10.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/SRPMS/squid-2.4.STABLE7-2.10.C21mdk.src.rpm

Mandriva Linux 10.1
X86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/squid-2.5.STABLE9-1.5.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/SRPMS/squid-2.5.STABLE9-1.5.101mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/squid-2.5.STABLE9-1.5.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/SRPMS/squid-2.5.STABLE9-1.5.101mdk.src.rpm

Corporate 3.0
X86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/squid-2.5.STABLE9-1.5.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/squid-2.5.STABLE9-1.5.C30mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/squid-2.5.STABLE9-1.5.C30mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/SRPMS/squid-2.5.STABLE9-1.5.C30mdk.src.rpm

Multi Network Firewall 2.0
X86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/RPMS/squid-2.5.STABLE9-1.5.M20mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf/2.0/SRPMS/squid-2.5.STABLE9-1.5.M20mdk.src.rpm

Mandriva Linux 10.2
X86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/squid-2.5.STABLE9-1.5.102mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/SRPMS/squid-2.5.STABLE9-1.5.102mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/squid-2.5.STABLE9-1.5.102mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/SRPMS/squid-2.5.STABLE9-1.5.102mdk.src.rpm

Mandriva Linux 2006.0
X86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/squid-2.5.STABLE10-10.2.20060mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/squid-cachemgr-2.5.STABLE10-10.2.20060mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/SRPMS/squid-2.5.STABLE10-10.2.20060mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/squid-2.5.STABLE10-10.2.20060mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/squid-cachemgr-2.5.STABLE10-10.2.20060mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/SRPMS/squid-2.5.STABLE10-10.2.20060mdk.src.rpm

Suse Linux
Las actualizaciones pueden descargarse mediante YAST o del servidor FTP oficial de Suse Linux

SCO
UnixWare 7.1.4
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.44

Standar resources

Property Value
CVE CAN-2005-3258
BID

Other resources

Mandriva Security Advisory (MDKSA-2005:195)
http://www.mandriva.com/security/advisories?name=MDKSA-2005:195

SUSE Security Advisory (SUSE-SR:2005:025)
http://www.novell.com/linux/security/advisories/2005_25_sr.html

SUSE Security Advisory (SUSE-SR:2005:027)
http://www.novell.com/linux/security/advisories/2005_27_sr.html

SCO Security Advisory (SCOSA-2005.44)
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.44/SCOSA-2005.44.txt

Version history

Version Comments Date
1.0 Aviso emitido 2005-10-28
1.1 Aviso emitido por Suse (SUSE-SR:2005:025) 2005-11-14
1.2 Aviso emitido por Suse (SUSE-SR:2005:027) 2005-11-23
1.3 Aviso emitido por SCO (SCOSA-2005.44) 2005-11-28
Ministerio de Defensa
CNI
CCN
CCN-CERT