|
OpenLinux updates to squid
|
|
Secunia Advisory:
|
SA7526
|
|
|
Release Date:
|
2002-11-15
|
|
Last Update:
|
2003-05-27
|
|
Popularity:
|
5,626 views
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
System access
|
|
Where:
|
From local network
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | OpenLinux Server 3.x
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions 
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 1 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Description:
Caldera has issued updates to the squid proxy. This addresses an older issue, where users on a local network or users otherwise authorized to connect through the proxy could execute arbitrary code.
Squid failed to parse ftp and gopher listings correctly when transforming them into html, this could be abused to execute arbitrary code.
Other fixes include prevention of FTP connection theft or injection, a problem in MSNT auth helper and proxy authentication credentials.
By using a little social engineering this could easily be exploited by remote persons as well.
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
