|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Mandrake Local Security Checks >> MDKSA-2002:016-1: squid Vulnerability Assessment Details
|
MDKSA-2002:016-1: squid |
||
Check for the version of the squid package Detailed Explanation for this Vulnerability Assessment The remote host is missing the patch for the advisory MDKSA-2002:016-1 (squid). Three security issues were found in the 2.x versions of the Squid proxy server up to and including 2.4.STABLE3. The first is a memory leak in the optional SNMP interface to Squid which could permit a malicious user who can send packets to the Squid SNMP port to possibly perform a Denial of Service attack on ther server if the SNMP interface is enabled. The next is a buffer overflow in the implementation of ftp:// URLs where permited users could possibly perform a DoS on the server, and may be able to trigger remote execution of code (which the authors have not yet confirmed). The final issue is with the HTCP interface which cannot be properly disabled from squid.conf HTCP is enabled by default on Mandrake Linux systems. Update: The squid updates for all versions other than Mandrake Linux were incorrectly built with LDAP authentication which introduced a dependency on OpenLDAP. These new packages do not use LDAP authentication. The Single Network Firewall 7.2 package previously released did not use LDAP authentication, however rebuilding the source RPM package required LDAP to be installed. Single Network Firewall 7.2 users do not need to upgrade to these packages to have a properly function squid. Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2002:016-1 Network Security Threat Level: High Networks Security ID: Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security |
||
Cables, Connectors |
INTEL SSD U.2 NVME 30.72TB D5-P5316
$2998.00
Apple MacBook Pro - 4GB RAM - 128GB SSD - Mac OSX El Capitan + Charger&Battery
$129.99
Hikvision SSD 550MB/s MAX 128GB 256GB 2.5”SATA 3.0 Internal Solid State Disk
$45.47
G5T03 Dell Intel DC S3700 Series 800GB SATA 6Gb/s 2.5" SSD 0G5T03 SSDSC2BA800G3E
$55.00
Patriot P210 128GB 256GB 512GB 1TB 2TB 2.5" SATA 3 6GB/s Internal SSD PC/MAC Lot
$13.99
Netac 1TB 2TB 512GB Internal SSD 2.5'' SATA III 6Gb/s Solid State Drive lot
$13.99
Micron M550 128GB Internal 2.5" SATA SSD Solid State Hard Drive
$9.99
Crucial - 500GB Internal SATA Solid State M2 Drives
$20.00
Fanxiang SSD 512GB 1TB 2TB 4TB 2.5'' SSD SATA III Internal Solid State Drive lot
$107.99
Fanxiang SSD 512GB 1TB 2TB 4TB 2.5''SATA III Internal Solid State Hard Drive LOT
$188.99
|
||
No Discussions have been posted on this vulnerability. |