Boletines de Vulnerabilidades |
Denegación de servicio en Squid Web Proxy Cache |
|
Clasificación de la vulnerabilidad |
|
Propiedad | Valor |
Nivel de Confianza | Oficial |
Impacto | Denegación de Servicio |
Dificultad | Avanzado |
Requerimientos del atacante | Acceso remoto sin cuenta a un servicio estandar |
Información sobre el sistema |
|
Propiedad | Valor |
Fabricante afectado | GNU/Linux |
Software afectado | Squid 2.5- <=STABLE6 |
Descripción |
|
Se ha descubierto una vulnerabilidad en la versión STABLE6 y anteriores de Squid 2.5x. La vulnerabilidad reside en un error de diseño en el módulo SNMP durante el parseado de ASN1. La explotación de esta vulnerabilidad podría permitir a un atacante remoto provocar una situación de denegación de servicio de Squid mediante el envío de un paquete SNMP especialmente diseñado. |
|
Solución |
|
Si lo desea, aplique los mecanismos de actualización propios de su distribución, o bien baje las fuentes del software y compílelo usted mismo. Actualización de software Squid Squid-2.5.STABLE6 - Parche http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE6-SNMP_core_dump.patch Squid-2.5.STABLE7 ftp://ftp.squid-cache.org/pub/squid-2/STABLE/squid-2.5.STABLE7.tar.gz Red Hat Linux Red Hat Desktop (v. 3) AMD64 squid-2.5.STABLE3-6.3E.2.x86_64.rpm SRPMS squid-2.5.STABLE3-6.3E.2.src.rpm i386 squid-2.5.STABLE3-6.3E.2.i386.rpm https://rhn.redhat.com/errata/RHSA-2004-591.html Red Hat Enterprise Linux AS (v. 2.1) SRPMS squid-2.4.STABLE7-1.21as.src.rpm i386 squid-2.4.STABLE7-1.21as.i386.rpm ia64 squid-2.4.STABLE7-1.21as.ia64.rpm https://rhn.redhat.com/errata/RHSA-2004-591.html Red Hat Enterprise Linux AS (v. 3) AMD64 squid-2.5.STABLE3-6.3E.2.x86_64.rpm SRPMS squid-2.5.STABLE3-6.3E.2.src.rpm i386 squid-2.5.STABLE3-6.3E.2.i386.rpm ia64 squid-2.5.STABLE3-6.3E.2.ia64.rpm ppc squid-2.5.STABLE3-6.3E.2.ppc.rpm s390 squid-2.5.STABLE3-6.3E.2.s390.rpm s390x squid-2.5.STABLE3-6.3E.2.s390x.rpm https://rhn.redhat.com/errata/RHSA-2004-591.html Red Hat Enterprise Linux ES (v. 2.1) SRPMS squid-2.4.STABLE7-1.21as.src.rpm i386 squid-2.4.STABLE7-1.21as.i386.rpm https://rhn.redhat.com/errata/RHSA-2004-591.html Red Hat Enterprise Linux ES (v. 3) AMD64 squid-2.5.STABLE3-6.3E.2.x86_64.rpm SRPMS squid-2.5.STABLE3-6.3E.2.src.rpm i386 squid-2.5.STABLE3-6.3E.2.i386.rpm ia64 squid-2.5.STABLE3-6.3E.2.ia64.rpm https://rhn.redhat.com/errata/RHSA-2004-591.html Red Hat Enterprise Linux WS (v. 3) AMD64 squid-2.5.STABLE3-6.3E.2.x86_64.rpm SRPMS squid-2.5.STABLE3-6.3E.2.src.rpm i386 squid-2.5.STABLE3-6.3E.2.i386.rpm ia64 squid-2.5.STABLE3-6.3E.2.ia64.rpm https://rhn.redhat.com/errata/RHSA-2004-591.html Red Hat Linux Advanced Workstation 2.1 Itanium Processor SRPMS squid-2.4.STABLE7-1.21as.src.rpm ia64 squid-2.4.STABLE7-1.21as.ia64.rpm https://rhn.redhat.com/errata/RHSA-2004-591.html Mandrake Linux Mandrakelinux 9.2 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/squid-2.5.STABLE3-3.4.92mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/SRPMS/squid-2.5.STABLE3-3.4.92mdk.src.rpm AMD64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/squid-2.5.STABLE3-3.4.92mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/SRPMS/squid-2.5.STABLE3-3.4.92mdk.src.rpm Mandrakelinux 10.0 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/squid-2.5.STABLE4-2.2.100mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/squid-2.5.STABLE4-2.2.100mdk.src.rpm AMD64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/squid-2.5.STABLE4-2.2.100mdk.amd64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/squid-2.5.STABLE4-2.2.100mdk.src.rpm Mandrake Multi Network Firewall 8.2 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf8.2/RPMS/squid-2.4.STABLE7-1.3.M82mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/mnf8.2/SRPMS/squid-2.4.STABLE7-1.3.M82mdk.src.rpm Mandrake Corporate Server 2.1 x86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/squid-2.4.STABLE7-2.2.C21mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/SRPMS/squid-2.4.STABLE7-2.2.C21mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/squid-2.4.STABLE7-2.2.C21mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/SRPMS/squid-2.4.STABLE7-2.2.C21mdk.src.rpm Debian Linux Debian Linux 3.0 Source http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody4.dsc http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody4.diff.gz http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6.orig.tar.gz Alpha http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody4_alpha.deb http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody4_alpha.deb http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody4_alpha.deb ARM http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody4_arm.deb http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody4_arm.deb http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody4_arm.deb Intel IA-32 http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody4_i386.deb http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody4_i386.deb http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody4_i386.deb Intel IA-64 http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody4_ia64.deb http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody4_ia64.deb http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody4_ia64.deb HP Precision http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody4_hppa.deb http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody4_hppa.deb http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody4_hppa.deb Motorola 680x0 http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody4_m68k.deb http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody4_m68k.deb http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody4_m68k.deb Big endian MIPS http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody4_mips.deb http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody4_mips.deb http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody4_mips.deb Little endian MIPS http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody4_mipsel.deb http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody4_mipsel.deb http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody4_mipsel.deb PowerPC http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody4_powerpc.deb http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody4_powerpc.deb http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody4_powerpc.deb IBM S/390 http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody4_s390.deb http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody4_s390.deb http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody4_s390.deb Sun Sparc http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody4_sparc.deb http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody4_sparc.deb http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody4_sparc.deb SCO UnixWare 7.1.4 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.16/squid.pkg |
|
Identificadores estándar |
|
Propiedad | Valor |
CVE | CAN-2004-0918 |
BID | |
Recursos adicionales |
|
iDEFENSE Security Advisory http://www.idefense.com/application/poi/display?id=152&type=vulnerabilities&flashstatus=true Squid Security Advisory http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE6-SNMP_core_dump Red Hat Security Advisory RHSA-2004:591-04 https://rhn.redhat.com/errata/RHSA-2004-591.html Mandrakesoft Security Advisory MDKSA-2004:112 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:112 Debian Security Advisory DSA 576-1 http://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00185.html SCO Security Advisory SCOSA-2005.16 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.16/SCOSA-2005.16.txt |
Histórico de versiones |
||
Versión | Comentario | Fecha |
1.0 | Aviso emitido | 2004-10-13 |
1.1 | Aviso emitido por Red Hat (RHSA-2004:591-04) | 2004-10-21 |
1.2 | Aviso emitido por Mandrake (MDKSA-2004:112) | 2004-10-22 |
1.3 | Aviso emitido por Debian (DSA 576-1) | 2004-10-29 |
1.4 | Aviso emitido por SCO (SCOSA-2005.16) | 2005-03-02 |