lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20050307144800.A787@caldera.com>
Date: Mon, 7 Mar 2005 14:48:00 -0800
From: please_reply_to_security@....com
To: security-announce@...t.sco.com, bugtraq@...urityfocus.com,
	full-disclosure@...ts.netsys.com
Subject: UnixWare 7.1.4 : squid updated package fixes several security issues



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



______________________________________________________________________________

			SCO Security Advisory

Subject:		UnixWare 7.1.4 : squid updated package fixes several security issues
Advisory number: 	SCOSA-2005.16
Issue date: 		2005 February 11
Cross reference:	sr890343 fz529457 erg712610 sr892199 fz530514 erg712740 CAN-2004-0189 CAN-2004-0918
______________________________________________________________________________


1. Problem Description

	The asn_parse_header function (asn1.c) in the SNMP module
	for Squid Web Proxy Cache before 2.4.STABLE7 allows remote
	attackers to cause a denial of service (server restart) via
	certain SNMP packets with negative length fields that causes
	a memory allocation error. 

	The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier 
	allows remote attackers to bypass url_regex ACLs via a URL with 
	a NULL ("%00") character, which causes Squid to use only a 
	portion of the requested URL when comparing it against the 
	access control lists. 

	The Common Vulnerabilities and Exposures project (cve.mitre.org)
	has assigned the name CAN-2004-0189 and CAN-2004-0918 to this issues.


2. Vulnerable Supported Versions

	System				Binaries
	----------------------------------------------------------------------
	UnixWare 7.1.4 			distribution


3. Solution

	The proper solution is to install the latest packages.

4. UnixWare 7.1.4

	4.1 Location of Fixed Binaries

	ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.16

	or
	
	The fixes are also available in SCO UnixWare 7.1.4 Mantenance Pack 2

	http://www.sco.com/support/update/download/release.php?rid=58

	4.2 Verification

	MD5 (squid.pkg) = 6c33ff5d3b7bac965e2c816f0ae489eb

	or

	MD5 (uw714mp2.iso) = 335919be68f54253852cb8abca11814a  

	md5 is available for download from
		ftp://ftp.sco.com/pub/security/tools

	4.3 Installing Fixed Binaries

	Upgrade the affected binaries with the following sequence:

	Download squid.pkg to the /var/spool/pkg directory

	# pkgadd -d /var/spool/pkg/squid.pkg

	or 

	See ftp://ftp.sco.com/pub/unixware7/714/mp/mp2/uw714mp2.txt


5. References

	Specific references for this advisory:
		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0189 
		http://www.squid-cache.org/Advisories/SQUID-2004_1.txt 
		http://www.microsoft.com/security/incident/spoof.asp 
		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0918

	SCO security resources:
		http://www.sco.com/support/security/index.html

	SCO security advisories via email
		http://www.sco.com/support/forums/security.html

	This security fix closes SCO incidents sr890343 fz529457
	erg712610 sr892199 fz530514 erg712740.


6. Disclaimer

	SCO is not responsible for the misuse of any of the information
	we provide on this website and/or through our security
	advisories. Our advisories are a service to our customers
	intended to promote secure installation and use of SCO
	products.


7. Acknowledgments

	SCO would like to thank Mitch Adair reported %00 bug and
	Duane Wessels, for patching the %00 bug and adding the
	urllogin ACL type.

______________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (SCO/UNIX_SVR5)

iD8DBQFCI3A+aqoBO7ipriERAppTAJ9Fh/jKFa4KUnk9qICwuNoh+COo6QCfa6vC
W4JiUN/MzU73p3H4rcxh9lE=
=eNIb
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists