|
Fedora update for squid
|
|
Secunia Advisory:
|
SA15381
|
|
|
Release Date:
|
2005-05-18
|
|
Popularity:
|
5,464 views
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
Security Bypass
Spoofing
Manipulation of data
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | Fedora Core 3
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
| CVE reference: | CVE-1999-0710
CVE-2005-1389
CVE-2005-1390
CVE-2005-1519
|
|
Description:
Fedora has issued an update for squid. This fixes some vulnerabilities, which can be exploited by malicious people to spoof DNS lookups and poison the web proxy cache.
For more information:
SA15093
SA15294
This also fixes a vulnerability in "cachemgr.cgi", which can be exploited by malicious people to use the system for connecting to other hosts.
Solution:
Apply updated packages.
Fedora Core 3:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
c94ce8b9fc2ae09b867fa73a4036901b SRPMS/squid-2.5.STABLE9-1.FC3.6.src.rpm
6862c9189f1686280b95a31501ce5283 x86_64/squid-2.5.STABLE9-1.FC3.6.x86_64.rpm
5e96af43a684836da7e88279a5643b1a
x86_64/debug/squid-debuginfo-2.5.STABLE9-1.FC3.6.x86_64.rpm
81f8f55caf7f423054356ae57c2d02f9 i386/squid-2.5.STABLE9-1.FC3.6.i386.rpm
e912773d9f9889686a70debe1c1146c8 i386/debug/squid-debuginfo-2.5.STABLE9-1.FC3.6.i386.rpm
Other References:
SA15093:
http://secunia.com/advisories/15093/
SA15294:
http://secunia.com/advisories/15294/
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
