Alert GCSA-09008 - Vulnerability in Squid cache proxy
*****************************************************************************
Alert ID : GCSA-09008
Date : 05 February 2009
Title : Vulnerability in Squid cache proxy
*****************************************************************************
:: Problem description
A vulnerability has been reported in squid-cache that can be exploited
to cause a Denial of Service.
The vulnerability is caused by an error in processing malformed HTTP
version numbers and can be exploited, for example, by a local or remote
client sending specially crafted requests to the server.
:: Affected platforms and software
Squid version 2.7.STABLE5 and earlier
Squid version 3.0.STABLE12 and earlier
Squid version 3.1.0.4 and earlier
:: Impact
Denial of Service
:: Solution
Upgrade Squid to version 2.7.STABLE6, 3.0.STABLE13 or 3.1.0.5:
http://www.squid-cache.org/Download/
Apply the patches for Squid 2.7:
http://www.squid-cache.org/Versions/v2/2.7/changesets/12432.patch
http://www.squid-cache.org/Versions/v2/2.7/changesets/12442.patch
Apply the patches for Squid 3.0:
http://www.squid-cache.org/Versions/v3/3.0/changesets/b8964.patch
http://www.squid-cache.org/Versions/v3/3.0/changesets/b8965.patch
Apply the patches for Squid 3.1:
http://www.squid-cache.org/Versions/v3/3.1/changesets/b9414.patch
http://www.squid-cache.org/Versions/v3/3.1/changesets/b9418.patch
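The following check is an added example, not part of the original alert or of
the Squid project: it classifies a version string, such as the one printed by
"squid -v", against the fixed releases listed above. The function names and
the "unknown" result for branches this alert does not list are assumptions of
the example; a build patched in place with the changesets above still reports
its old version number and will show as affected.

```python
import re

# Fixed release per branch, from the ":: Solution" section of this alert.
# STABLE branches compare the number after "STABLE"; the 3.1 branch compares
# the dotted components after "3.1".
FIXED = {
    (2, 7): ("STABLE", (6,)),    # 2.7.STABLE6
    (3, 0): ("STABLE", (13,)),   # 3.0.STABLE13
    (3, 1): ("DOT", (0, 5)),     # 3.1.0.5
}

_STABLE = re.compile(r"\b(\d+)\.(\d+)\.STABLE(\d+)")
_DOTTED = re.compile(r"\b(\d+)\.(\d+)((?:\.\d+)+)")


def parse_version(text):
    """Return ((major, minor), scheme, rest) or None if no version is found."""
    m = _STABLE.search(text)
    if m:
        return (int(m[1]), int(m[2])), "STABLE", (int(m[3]),)
    m = _DOTTED.search(text)
    if m:
        rest = tuple(int(p) for p in m[3].strip(".").split("."))
        return (int(m[1]), int(m[2])), "DOT", rest
    return None


def status(version_text):
    """Return 'affected', 'fixed' or 'unknown' for a Squid version string."""
    parsed = parse_version(version_text)
    if parsed is None:
        return "unknown"
    branch, scheme, rest = parsed
    fixed = FIXED.get(branch)
    # Branches not listed in the alert are reported as unknown (assumption).
    if fixed is None or fixed[0] != scheme:
        return "unknown"
    return "affected" if rest < fixed[1] else "fixed"


if __name__ == "__main__":
    # Constructed sample strings in the format printed by "squid -v".
    for line in ("Squid Cache: Version 2.7.STABLE5",
                 "Squid Cache: Version 3.0.STABLE13",
                 "Squid Cache: Version 3.1.0.4"):
        print(line, "->", status(line))
```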
:: References
Squid-cache.org:
http://www.squid-cache.org/Advisories/SQUID-2009_1.txt
Securityfocus Bugtraq ID
http://www.securityfocus.com/bid/33604
Secunia
http://secunia.com/advisories/33731/
Vupen (formerly FrSIRT)
http://www.vupen.com/english/advisories/2009/0324