FrSIRT - Fedora Security Update Fixes Squid Cache Update Reply DoS Issue / Exploit (Security Advisories)

French Security Incident Response Team

French

English

Fedora Security Update Fixes Squid Cache Update Reply DoS Issue

Title : Fedora Security Update Fixes Squid Cache Update Reply DoS Issue
Advisory ID : FrSIRT/ADV-2007-4234
CVE ID : CVE-2007-6239
Rated as : Moderate Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-12-18

Advisory Details

Description

Affected Products

Solution

References

Technical Description

A vulnerability has been identified in Fedora, which could be exploited by attackers to cause a denial of service [...]

Solution

Upgrade the affected packages :

9b09e65be3b20fb059c46d9380e0a24a9b11a3da squid-debuginfo-2.6.STABLE16-2.fc7.ppc64.rpm
4c2b0a2f82fe982d4e24b5d3f73e57345898a0d4 squid-2.6.STABLE16-2.fc7.ppc64.rpm
d7317ec758be30e6be4751157d655c2056a37190 squid-2.6.STABLE16-2.fc7.i386.rpm
aa07dad7021ac0723bdef974705b65769ac62602 squid-debuginfo-2.6.STABLE16-2.fc7.i386.rpm
4ff13968187335a067f6d0ff9bc0d0ccdc0f3226 squid-debuginfo-2.6.STABLE16-2.fc7.x86_64.rpm
78199f68e51a8f530357eb27996534e98513fe27 squid-2.6.STABLE16-2.fc7.x86_64.rpm
b96a81d03d56f3d645b50b9ebaf62de9b8d0f7ab squid-2.6.STABLE16-2.fc7.ppc.rpm
5432b0bd809560afda26899a1e824ed0638c29b1 squid-debuginfo-2.6.STABLE16-2.fc7.ppc.rpm
058f37aa3c43739cb16922e4a797698cd5756996 squid-2.6.STABLE16-2.fc7.src.rpm

43da2e1d0d3b89e6562357a6dbb4045f9313e6eb squid-2.6.STABLE17-1.fc8.ppc64.rpm
ca88ac104307b6bd8d0aacbc9ec5c80b08bae81a squid-debuginfo-2.6.STABLE17-1.fc8.ppc64.rpm
0038966493c7e529331fa5b97502dd94099a9af6 squid-debuginfo-2.6.STABLE17-1.fc8.i386.rpm
e0b30d777d84bae31841ae168d3e277413dcfc88 squid-2.6.STABLE17-1.fc8.i386.rpm
35974b424c465158d78c1d0e92f313e13e27d7d6 squid-debuginfo-2.6.STABLE17-1.fc8.x86_64.rpm
7908951ccbe2d3e744e6145f2effe69db5cc6c50 squid-2.6.STABLE17-1.fc8.x86_64.rpm
f1028280bc6514739e5754ab0dec94ffaf3de6d5 squid-2.6.STABLE17-1.fc8.ppc.rpm
8e2f7e8fbf7a76198112de47cb632302c7c46a1f squid-debuginfo-2.6.STABLE17-1.fc8.ppc.rpm
66c14b197134b667bb4317af5b3e30b7039fe65d squid-2.6.STABLE17-1.fc8.src.rpm

ChangeLog

2007-12-18 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.

Mailinglist

	Microsoft Windows Vista "WRITE_ANDX" Denial of Service Vulnerability
	Microsoft Office OneNote URL Code Execution (MS08-055)
	Microsoft GDI+ Multiple Code Execution Vulnerabilities (MS08-052)
	Microsoft Visual Studio "Msmask32" Code Execution Vulnerability
	Microsoft PowerPoint Command Execution Vulnerabilities (MS08-051)
	Microsoft Windows Messenger Data Disclosure (MS08-050)
	Microsoft Windows Event System Code Execution (MS08-049)

	Oracle Products Multiple Code Execution and Security Bypass Issues
	Oracle Products Command Execution and SQL Injection Vulnerabilities
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle Database "PITRIG_DROPMETADATA" Buffer Overflow Vulnerability
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle JInitiator ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities
	Oracle Products Multiple Remote Command Execution and SQL Injection Vulnerabilities

	Cisco UCM SIP Remote Denial of Service
	Cisco IOS Denial of Service and Security Bypass Vulnerabilities
	Cisco PIX and ASA Information Disclosure and DoS Vulnerabilities
	Cisco Secure ACS EAP Remote Denial Of Service Vulnerability
	Cisco Products Remote DNS Cache Poisoning Vulnerability
	Cisco Wide Area Application Services CUPS Remote Vulnerability
	Cisco UCM Denial of Service and Authentication Bypass Vulnerabilities