int(1340)

Boletines de Vulnerabilidades


Envenenamiento de la cache en Squid

Clasificación de la vulnerabilidad

Propiedad Valor
Nivel de Confianza Oficial
Impacto Integridad
Dificultad Experto
Requerimientos del atacante Acceso remoto sin cuenta a un servicio estandar

Información sobre el sistema

Propiedad Valor
Fabricante afectado GNU/Linux
Software afectado Squid <=2.5

Descripción

Se ha descubierto una vulnerabilidad en la versión 2.5 y anteriores de Squid. La vulnerabilidad reside en el manejo de ciertas respuestas HTTP.

La explotación de esta vulnerabilidad podría permitir a un atacante remoto envenenar la cache de Squid.

Solución

Si lo desea, aplique los mecanismos de actualización propios de su distribución, o bien baje las fuentes del software y compílelo usted mismo.


Actualización de software

Squid
Squid 2.5.STABLE7 - Parche
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-response_splitting.patch

Debian Linux

Debian Linux 3.0
Source
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody6.dsc
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody6.diff.gz
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6.orig.tar.gz
Alpha
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody6_alpha.deb
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody6_alpha.deb
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody6_alpha.deb
ARM
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody6_arm.deb
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody6_arm.deb
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody6_arm.deb
Intel IA-32
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody6_i386.deb
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody6_i386.deb
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody6_i386.deb
Intel IA-64
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody6_ia64.deb
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody6_ia64.deb
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody6_ia64.deb
HP Precision
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody6_hppa.deb
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody6_hppa.deb
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody6_hppa.deb
Motorola 680x0
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody6_m68k.deb
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody6_m68k.deb
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody6_m68k.deb
Big endian MIPS
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody6_mips.deb
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody6_mips.deb
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody6_mips.deb
Little endian MIPS
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody6_mipsel.deb
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody6_mipsel.deb
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody6_mipsel.deb
PowerPC
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody6_powerpc.deb
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody6_powerpc.deb
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody6_powerpc.deb
IBM S/390
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody6_s390.deb
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody6_s390.deb
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody6_s390.deb
Sun Sparc
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody6_sparc.deb
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody6_sparc.deb
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody6_sparc.deb

SUSE Linux
Distribuciones basadas en SUSE Linux - Actualizar mediante YaST Online Update

Mandrake Linux

Mandrakelinux 9.2
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/squid-2.5.STABLE3-3.6.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/SRPMS/squid-2.5.STABLE3-3.6.92mdk.src.rpm
AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/squid-2.5.STABLE3-3.6.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/SRPMS/squid-2.5.STABLE3-3.6.92mdk.src.rpm

Mandrakelinux 10.0
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/squid-2.5.STABLE4-2.4.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/squid-2.5.STABLE4-2.4.100mdk.src.rpm
AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/squid-2.5.STABLE4-2.4.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/squid-2.5.STABLE4-2.4.100mdk.src.rpm

Mandrakelinux 10.1
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/RPMS/squid-2.5.STABLE6-2.3.101mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.1/SRPMS/squid-2.5.STABLE6-2.3.101mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/RPMS/squid-2.5.STABLE6-2.3.101mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.1/SRPMS/squid-2.5.STABLE6-2.3.101mdk.src.rpm

Corporate Server 2.1
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/squid-2.4.STABLE7-2.4.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/SRPMS/squid-2.4.STABLE7-2.4.C21mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/squid-2.4.STABLE7-2.4.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/SRPMS/squid-2.4.STABLE7-2.4.C21mdk.src.rpm

Corporate Server 3.0
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/squid-2.5.STABLE4-2.4.C30mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/squid-2.5.STABLE4-2.4.C30mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/squid-2.5.STABLE4-2.4.C30mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/SRPMS/squid-2.5.STABLE4-2.4.C30mdk.src.rpm

SUSE Linux

SUSE Linux 9.2
x86
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/squid-2.5.STABLE6-6.6.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/squid-2.5.STABLE6-6.6.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/squid-2.5.STABLE6-6.6.src.rpm
x86_64
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/squid-2.5.STABLE6-6.6.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/squid-2.5.STABLE6-6.6.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/src/squid-2.5.STABLE6-6.6.src.rpm

SUSE Linux 9.1
x86
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/squid-2.5.STABLE5-42.27.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/squid-2.5.STABLE5-42.27.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/squid-2.5.STABLE5-42.27.src.rpm
x86_64
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/squid-2.5.STABLE5-42.27.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/squid-2.5.STABLE5-42.27.x86_64.patch.rpm

SUSE Linux 9.0
x86
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/squid-2.5.STABLE3-118.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/squid-2.5.STABLE3-118.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/squid-2.5.STABLE3-118.src.rpm
x86_64
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/squid-2.5.STABLE3-118.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/squid-2.5.STABLE3-118.x86_64.patch.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/squid-2.5.STABLE3-118.src.rpm

SUSE Linux 8.2
x86
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/squid-2.5.STABLE1-106.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/squid-2.5.STABLE1-106.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/squid-2.5.STABLE1-106.src.rpm

SUSE Linux 8.1
x86
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/squid-2.4.STABLE7-288.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/squid-2.4.STABLE7-288.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/squid-2.4.STABLE7-288.src.rpm

Red Hat Linux

Red Hat Desktop (v. 3)
SRPMS
squid-2.5.STABLE3-6.3E.7.src.rpm
IA-32
squid-2.5.STABLE3-6.3E.7.i386.rpm
x86_64
squid-2.5.STABLE3-6.3E.7.x86_64.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux AS (v. 2.1)
SRPMS
squid-2.4.STABLE7-1.21as.4.src.rpm
IA-32
squid-2.4.STABLE7-1.21as.4.i386.rpm
IA-64
squid-2.4.STABLE7-1.21as.4.ia64.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux AS (v. 3)
SRPMS
squid-2.5.STABLE3-6.3E.7.src.rpm
IA-32
squid-2.5.STABLE3-6.3E.7.i386.rpm
IA-64
squid-2.5.STABLE3-6.3E.7.ia64.rpm
PPC
squid-2.5.STABLE3-6.3E.7.ppc.rpm
s390
squid-2.5.STABLE3-6.3E.7.s390.rpm
s390x
squid-2.5.STABLE3-6.3E.7.s390x.rpm
x86_64
squid-2.5.STABLE3-6.3E.7.x86_64.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux ES (v. 2.1)
SRPMS
squid-2.4.STABLE7-1.21as.4.src.rpm
IA-32
squid-2.4.STABLE7-1.21as.4.i386.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux ES (v. 3)
SRPMS
squid-2.5.STABLE3-6.3E.7.src.rpm
IA-32
squid-2.5.STABLE3-6.3E.7.i386.rpm
IA-64
squid-2.5.STABLE3-6.3E.7.ia64.rpm
x86_64
squid-2.5.STABLE3-6.3E.7.x86_64.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux WS (v. 3)
SRPMS
squid-2.5.STABLE3-6.3E.7.src.rpm
IA-32
squid-2.5.STABLE3-6.3E.7.i386.rpm
IA-64
squid-2.5.STABLE3-6.3E.7.ia64.rpm
x86_64
squid-2.5.STABLE3-6.3E.7.x86_64.rpm
https://rhn.redhat.com/

Red Hat Linux Advanced Workstation 2.1 Itanium Processor
SRPMS
squid-2.4.STABLE7-1.21as.4.src.rpm
IA-64
squid-2.4.STABLE7-1.21as.4.ia64.rpm
https://rhn.redhat.com/

Identificadores estándar

Propiedad Valor
CVE CAN-2005-0175
BID

Recursos adicionales

Squid-2.5 Patches
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting

Debian Security Advisory DSA 667-1
http://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00044.html

SUSE Security Summary Report SUSE-SR:2005:003
http://www.novell.com/linux/security/advisories/2005_03_sr.html

Mandrakesoft Security Advisories MDKSA-2005:034
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:034

SUSE Security Announcement SUSE-SA:2005:006
http://www.novell.com/linux/security/advisories/2005_06_squid.html

Red Hat Security Advisory RHSA-2005:061-19
https://rhn.redhat.com/errata/RHSA-2005-061.html

Histórico de versiones

Versión Comentario Fecha
1.0 Aviso emitido 2005-02-07
1.1 Aviso emitido por Mandrake (MDKSA-2005:034). Aviso emitido por SUSE (SUSE-SA:2005:006). 2005-02-11
1.2 Aviso emitido por Red Hat (RHSA-2005:061-19) 2005-02-14

Miembros de

Ministerio de Defensa
CNI
CCN
CCN-CERT