117264 : RHSA-2005-173: Squid

Risk 3 : Red Hat Local Checks

Updated squid packages that fix a denial of service issue are now available.

This update has been rated as having important security impact by the Red Hat Security Response Team

Squid is a full-featured Web proxy cache.

A bug was found in the way Squid handles FQDN lookups. It was possible to crash the Squid server by sending a carefully crafted DNS response to an FQDN lookup. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0446 to this issue.

Users of squid should upgrade to this updated package, which contains a backported patch, and is not vulnerable to this issue.

Solution:
Get the newest RedHat Updates.
References:
CVSS Information:
Low Attack Complexity, Partial Availability Impact
Credit:
Tenable : 2009-12-04
New Search
Keywords
Risk Factor
Start Date
End Date
Browse