lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20050207163345.GA20994@box79162.elkhouse.de>
Date: Mon, 7 Feb 2005 17:33:45 +0100
From: Martin Pitt <martin.pitt@...onical.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com
Subject: [USN-77-1] Squid vulnerabilities

===========================================================
Ubuntu Security Notice USN-77-1		  February 07, 2005
squid vulnerabilities
CAN-2005-0173, CAN-2005-0174, CAN-2005-0175, CAN-2005-0211
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

squid

The problem can be corrected by upgrading the affected package to
version 2.5.5-6ubuntu0.4.  In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

A possible authentication bypass was discovered in the LDAP
authentication backend. LDAP ignores leading and trailing whitespace
in search filters. This could possibly be abused to bypass explicit
access controls or confuse accounting when using several variants of
the login name. (CAN-2005-0173)

Previous Squid versions were not strict enough while parsing HTTP
requests and responses. Various violations of the HTTP protocol, such
as multiple Content-Length header lines, invalid "Carriage Return"
characters, and HTTP header names containing whitespace, led to cache
pollution and could possibly be exploited to deliver wrong content to
clients. (CAN-2005-0174)

Squid was susceptible to a cache poisoning attack called "HTTP
response splitting", where false replies are injected in the HTTP
stream. This allowed malicious web servers to forge wrong cache
content for arbitrary web sites, which was then delivered to Squid
clients. (CAN-2005-0175)

The FSC Vulnerability Research Team discovered a buffer overflow in
the WCCP handling protocol. By sending an overly large WCCP packet, a
remote attacker could crash the Squid server, and possibly even
execute arbitrary code with the privileges of the "proxy" user.
(CAN-2005-0211)

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.5.5-6ubuntu0.4.diff.gz
      Size/MD5:   271207 8d50a79d90b0b3d22685035c46995da8
    http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.5.5-6ubuntu0.4.dsc
      Size/MD5:      652 b4a0773e7b0038524e8622fdab752aea
    http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.5.5.orig.tar.gz
      Size/MD5:  1363967 6c7f3175b5fa04ab5ee68ce752e7b500

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid-common_2.5.5-6ubuntu0.4_all.deb
      Size/MD5:   190348 bd299d23e0891d92026c970b217f30c0

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.5.5-6ubuntu0.4_amd64.deb
      Size/MD5:    89774 e4fb7d8c7f232598ae6d095f51eebc9b
    http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.5.5-6ubuntu0.4_amd64.deb
      Size/MD5:   812968 af0a2933db8f46a5129c6809b8ead130
    http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squidclient_2.5.5-6ubuntu0.4_amd64.deb
      Size/MD5:    71130 842ccd1c4a7c43f9bc25796ccae95300

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.5.5-6ubuntu0.4_i386.deb
      Size/MD5:    88300 49968f9c793659ba75b130686bb8f5cf
    http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.5.5-6ubuntu0.4_i386.deb
      Size/MD5:   728568 cdeab80c247ece7055bf4509026ea52b
    http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squidclient_2.5.5-6ubuntu0.4_i386.deb
      Size/MD5:    69876 ad4a1635432c3432d83b170823bd567d

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.5.5-6ubuntu0.4_powerpc.deb
      Size/MD5:    89240 9034d9683ddba32e4e8667401bc0854c
    http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.5.5-6ubuntu0.4_powerpc.deb
      Size/MD5:   796174 32314e33b9b2655065220692a63ab169
    http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squidclient_2.5.5-6ubuntu0.4_powerpc.deb
      Size/MD5:    70624 cc8404f6a9b91018ce8b5b0e09f0416e

Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ