what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2008-002

Mandriva Linux Security Advisory 2008-002
Posted Jan 5, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The cache update reply processing functionality in Squid 2.x before 2.6.STABLE17, and Squid 3.0, allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers.

tags | advisory, remote, web, denial of service
systems | linux, mandriva
advisories | CVE-2007-6239
SHA-256 | d8783001207d0b3a040bfe86fdf88a9218e34b835ac747260dd837a5e07f8f55
Download | Favorite | View

Mandriva Linux Security Advisory 2008-002

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDVSA-2008:002
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : squid
 Date    : January 4, 2008
 Affected: 2007.0, 2007.1, 2008.0, Corporate 3.0, Corporate 4.0,
           Multi Network Firewall 2.0
 _______________________________________________________________________
 
 Problem Description:
 
 The cache update reply processing functionality in Squid 2.x before
 2.6.STABLE17, and Squid 3.0, allows remote attackers to cause a denial
 of service (crash) via unknown vectors related to HTTP headers.
 
 The updated package fixes this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6239
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 96faafb7a9e07b278a0aafa84bf926ae  2007.0/i586/squid-2.6.STABLE1-4.4mdv2007.0.i586.rpm
 03fad047effae58ca2489e80aa1bfa5b  2007.0/i586/squid-cachemgr-2.6.STABLE1-4.4mdv2007.0.i586.rpm 
 37dfa22f24df058851acc5c3c1b5879d  2007.0/SRPMS/squid-2.6.STABLE1-4.4mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 c2ed1ce138a117d92a9d1258e19853a4  2007.0/x86_64/squid-2.6.STABLE1-4.4mdv2007.0.x86_64.rpm
 8b1db434ee0e509aa71d7b1c81f62665  2007.0/x86_64/squid-cachemgr-2.6.STABLE1-4.4mdv2007.0.x86_64.rpm 
 37dfa22f24df058851acc5c3c1b5879d  2007.0/SRPMS/squid-2.6.STABLE1-4.4mdv2007.0.src.rpm

 Mandriva Linux 2007.1:
 4e5314934a52d574cfab66fab288fec1  2007.1/i586/squid-2.6.STABLE7-2.1mdv2007.1.i586.rpm
 ea5fff3e07bb15bca7a2c3b3fd1dce43  2007.1/i586/squid-cachemgr-2.6.STABLE7-2.1mdv2007.1.i586.rpm 
 8ae95395bd9b0bd3888561ce359048db  2007.1/SRPMS/squid-2.6.STABLE7-2.1mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 c4b1a7b86c812f272601c76c757a456e  2007.1/x86_64/squid-2.6.STABLE7-2.1mdv2007.1.x86_64.rpm
 48bd862e07da9f1aacbf8f4e30ebc734  2007.1/x86_64/squid-cachemgr-2.6.STABLE7-2.1mdv2007.1.x86_64.rpm 
 8ae95395bd9b0bd3888561ce359048db  2007.1/SRPMS/squid-2.6.STABLE7-2.1mdv2007.1.src.rpm

 Mandriva Linux 2008.0:
 471283e5ec222b4558804201ed528580  2008.0/i586/squid-2.6.STABLE16-1.2mdv2008.0.i586.rpm
 aae1cede196ab3ee8ce872a4f9339197  2008.0/i586/squid-cachemgr-2.6.STABLE16-1.2mdv2008.0.i586.rpm 
 3b7ac01f28af138e6a4a911ea13c3014  2008.0/SRPMS/squid-2.6.STABLE16-1.2mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 ee831d24d0027f9e30d329ba19481572  2008.0/x86_64/squid-2.6.STABLE16-1.2mdv2008.0.x86_64.rpm
 4d788055f21fd55b228881b66d4e351e  2008.0/x86_64/squid-cachemgr-2.6.STABLE16-1.2mdv2008.0.x86_64.rpm 
 3b7ac01f28af138e6a4a911ea13c3014  2008.0/SRPMS/squid-2.6.STABLE16-1.2mdv2008.0.src.rpm

 Corporate 3.0:
 b80be38521a9c761ddeb3fac585a5bef  corporate/3.0/i586/squid-2.5.STABLE9-1.8.C30mdk.i586.rpm 
 068c0327621ff22367dd979aa9f7ecee  corporate/3.0/SRPMS/squid-2.5.STABLE9-1.8.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 2c0eaf65b0c65bb56793bce55d2ac0fc  corporate/3.0/x86_64/squid-2.5.STABLE9-1.8.C30mdk.x86_64.rpm 
 068c0327621ff22367dd979aa9f7ecee  corporate/3.0/SRPMS/squid-2.5.STABLE9-1.8.C30mdk.src.rpm

 Corporate 4.0:
 69d5364d1187f459934c86e311bf6d96  corporate/4.0/i586/squid-2.6.STABLE1-4.4.20060mlcs4.i586.rpm
 9cab80bad8eac5d17af87f8411185529  corporate/4.0/i586/squid-cachemgr-2.6.STABLE1-4.4.20060mlcs4.i586.rpm 
 33c75a040e930c85e7668b160216558a  corporate/4.0/SRPMS/squid-2.6.STABLE1-4.4.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 37a81cbfac6f8937fd74e4b672e04019  corporate/4.0/x86_64/squid-2.6.STABLE1-4.4.20060mlcs4.x86_64.rpm
 df0f15a253003d6b2c234e4a5ccfbff1  corporate/4.0/x86_64/squid-cachemgr-2.6.STABLE1-4.4.20060mlcs4.x86_64.rpm 
 33c75a040e930c85e7668b160216558a  corporate/4.0/SRPMS/squid-2.6.STABLE1-4.4.20060mlcs4.src.rpm

 Multi Network Firewall 2.0:
 0d291e6348ec79f86213230619ce7cfd  mnf/2.0/i586/squid-2.5.STABLE9-1.8.M20mdk.i586.rpm 
 2192fc9b2b9e1e000e144abf8e054860  mnf/2.0/SRPMS/squid-2.5.STABLE9-1.8.M20mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)

iEYEARECAAYFAkd+mOMACgkQmqjQ0CJFipjgwACeLzJfKZn1RHqoqzVsxczyJcHO
v9kAn1gapJ/F6MciY5VtzOaHumprqySG
=Qb45
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close