Contact | Site en Français               

 


 

Vulnerabilities & Threats
 
  VUPEN Security Advisories
  Linux Security Advisories

  Malware Advisories
  Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Fedora Security Update Fixes Squid Denial of Service Vulnerability

Title : Fedora Security Update Fixes Squid Denial of Service Vulnerability
VUPEN ID : VUPEN/ADV-2005-2164
CVE ID : CVE-2005-3258
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-10-21

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format 

Fedora has released updated packages to correct a vulnerability identified in Squid. This flaw is due to an error in "ftp.c" when handling malformed FTP server responses, which could be exploited by remote attackers to crash Squid. For additional information, see : VUPEN/ADV-2005-2151

Affected Products

Fedora Core 3
Fedora Core 4

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

5c0802fc0f79615f7c72331494517784 SRPMS/squid-2.5.STABLE11-3.FC3.src.rpm
51fc3069fea73f26db7152f948da5e76 x86_64/squid-2.5.STABLE11-3.FC3.x86_64.rpm
29b421f9c2de9dafb8b7476915e8146b x86_64/debug/squid-debuginfo-2.5.STABLE11-3.FC3.x86_64.rpm
7690f495c6fe9419960393961d822028 i386/squid-2.5.STABLE11-3.FC3.i386.rpm
d5d4092dc22ea02d0da490cb9ef1f06b i386/debug/squid-debuginfo-2.5.STABLE11-3.FC3.i386.rpm

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

6327dc0e09ab56f785dad26b46b2362e SRPMS/squid-2.5.STABLE11-3.FC4.src.rpm
c7312399c3dbdcaa0afb6c42e5528708 ppc/squid-2.5.STABLE11-3.FC4.ppc.rpm
830786073cfd48ccdf2e857fad309c70 ppc/debug/squid-debuginfo-2.5.STABLE11-3.FC4.ppc.rpm
ee191771c2fa577cdee8d716849bb405 x86_64/squid-2.5.STABLE11-3.FC4.x86_64.rpm
1c398f895495bcdd241a3314c9f66172 x86_64/debug/squid-debuginfo-2.5.STABLE11-3.FC4.x86_64.rpm
4ba15c7cf3d88de8b7a7c8f6d12b7da4 i386/squid-2.5.STABLE11-3.FC4.i386.rpm
224b6910ef11e0db87b88355853cdac3 i386/debug/squid-debuginfo-2.5.STABLE11-3.FC4.i386.rpm

References

http://www.vupen.com/english/advisories/2005/2164
http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00059.html
http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00058.html

ChangeLog

2005-10-21 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

Vulnerability Alerting

Free 14-Day Trial
 
  Latest News

 

  >> 2009-07-06

     

  Microsoft Windows 0-Day
  Flaw Exploited in the Wild


  >> 2009-06-10

     

  VUPEN Security Research
  Discovered Critical Flaws
  in Adobe Acrobat and MS
  Office Word


  >> 2009-06-02

     

  VUPEN Security Research
  Discovered Critical Flaws
  in ACDSee Products


  >> 2009-05-22

     

  VUPEN Discovered Two
  Critical Vulnerabilities in
  Novell GroupWise 8 / 7

 

 

More Informations    
    








Copyright 2003-2009 © VUPEN.COM - Privacy Policy