-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


______________________________________________________________________________

       SCO Security Advisory

Subject:    UnixWare 7.1.4 : Squid Denial of Service
Advisory number:   SCOSA-2005.44
Issue date:     2005 November 01
Cross reference:  fz533116 fz533151 fz533254
       CAN-2005-2794 CAN-2005-2796 CVE-2005-2917 CVE-2005-3258
______________________________________________________________________________


1. Problem Description

   store.c in Squid 2.5.STABLE10 and earlier allows remote
   attackers to cause a denial of service (crash) via certain
   aborted requests that trigger an assert error related to
   STORE_PENDING.

   The Common Vulnerabilities and Exposures project (cve.mitre.org)
   has assigned the name CAN-2005-2794 to this issue.

   The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10
   and earlier allows remote attackers to cause a denial of service
   (segmentation fault) via certain crafted requests.

   The Common Vulnerabilities and Exposures project (cve.mitre.org)
   has assigned the name CAN-2005-2796 to this issue.

   Squid 2.5.STABLE10 and earlier, while performing NTLM
   authentication, does not properly handle certain request
   sequences, which allows attackers to cause a denial of service
   (daemon restart).

   The Common Vulnerabilities and Exposures project (cve.mitre.org)
   has assigned the name CVE-2005-2917 to this issue

   The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11
   and earlier allows remote FTP servers to cause a denial of
   service (segmentation fault) via certain "odd" responses.

   The Common Vulnerabilities and Exposures project (cve.mitre.org)
   has assigned the name CVE-2005-3258 to this issue.


2. Vulnerable Supported Versions

   System        Binaries
   ----------------------------------------------------------------------
   UnixWare 7.1.4       squid 2.5.STABLE12 distribution


3. Solution

   The proper solution is to install the latest packages.


4. UnixWare 7.1.4

   4.1 Location of Fixed Binaries

   ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.44


   4.2 Verification

   32fd0223233496f737e85a9aa31f00a4  squid-2.5.STABLE12.image

   md5 is available for download from
     ftp://ftp.sco.com/pub/security/tools


   4.3 Installing Fixed Binaries

   Upgrade the affected binaries with the following sequence:

   Download squid-2.5.STABLE12.image to the /var/spool/pkg directory

   # pkgadd -d /var/spool/pkg/squid-2.5.STABLE12.image


5. References

   Specific references for this advisory:
     http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-STORE_PENDING
     http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-sslConnectTimeout
     http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE11-rfc1738_do_escape
     http://securitytracker.com/id?1014846
     http://secunia.com/advisories/16992
     http://secunia.com/advisories/17271
     http://www.frsirt.com/english/advisories/2005/2151

   SCO security resources:
     http://www.sco.com/support/security/index.html

   SCO security advisories via email
     http://www.sco.com/support/forums/security.html

   This security fix closes SCO incidents fz533116 fz533151
   fz533254.


6. Disclaimer

   SCO is not responsible for the misuse of any of the information
   we provide on this website and/or through our security
   advisories. Our advisories are a service to our customers
   intended to promote secure installation and use of SCO
   products.


______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (UnixWare)

iD8DBQFDaO04aqoBO7ipriERAskPAKCezWSWi/+glMAT2NvdDRyEfjrTywCfTA55
uYqqvxwQCux9I7+3y8RADIY=
=tG9W
-----END PGP SIGNATURE-----