Gain a shell remotely : Squid overflows

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.10923

Categoría: Gain a shell remotely

Título: Squid overflows

Resumen: NOSUMMARY

Descripción: Description:

The remote squid caching proxy, according to its version number,
is vulnerable to various buffer overflows.

An attacker may use these to gain a shell on this system.

Solution : upgrade to squid 2.4.STABLE7 or newer
Risk factor : High

Referencia Cruzada: BugTraq ID: 4148
Common Vulnerability Exposure (CVE) ID: CVE-2002-0068
http://www.securityfocus.com/bid/4148
Bugtraq: 20020221 Squid HTTP Proxy Security Update Advisory 2002:1 (Google Search)
http://marc.info/?l=bugtraq&m=101431040422095&w=2
Bugtraq: 20020222 Squid buffer overflow (Google Search)
http://marc.info/?l=bugtraq&m=101440163111826&w=2
Bugtraq: 20020222 TSLSA-2002-0031 - squid (Google Search)
http://marc.info/?l=bugtraq&m=101443252627021&w=2
http://www.caldera.com/support/security/advisories/CSSA-2002-010.0.txt
Caldera Security Advisory: CSSA-2002-SCO.7
http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html
Conectiva Linux advisory: CLA-2002:464
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000464
FreeBSD Security Advisory: FreeBSD-SA-02:12
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php
http://www.osvdb.org/5378
http://www.redhat.com/support/errata/RHSA-2002-029.html
SuSE Security Announcement: SuSE-SA:2002:008 (Google Search)
http://www.novell.com/linux/security/advisories/2002_008_squid_txt.html
http://www.iss.net/security_center/static/8258.php

Copyright This script is Copyright (C) 2002 Renaud Deraison

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.10923
Categoría:	Gain a shell remotely
Título:	Squid overflows
Resumen:	NOSUMMARY
Descripción:	Description: The remote squid caching proxy, according to its version number, is vulnerable to various buffer overflows. An attacker may use these to gain a shell on this system. Solution : upgrade to squid 2.4.STABLE7 or newer Risk factor : High
Referencia Cruzada:	BugTraq ID: 4148 Common Vulnerability Exposure (CVE) ID: CVE-2002-0068 http://www.securityfocus.com/bid/4148 Bugtraq: 20020221 Squid HTTP Proxy Security Update Advisory 2002:1 (Google Search) http://marc.info/?l=bugtraq&m=101431040422095&w=2 Bugtraq: 20020222 Squid buffer overflow (Google Search) http://marc.info/?l=bugtraq&m=101440163111826&w=2 Bugtraq: 20020222 TSLSA-2002-0031 - squid (Google Search) http://marc.info/?l=bugtraq&m=101443252627021&w=2 http://www.caldera.com/support/security/advisories/CSSA-2002-010.0.txt Caldera Security Advisory: CSSA-2002-SCO.7 http://archives.neohapsis.com/archives/linux/caldera/2002-q1/0014.html Conectiva Linux advisory: CLA-2002:464 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000464 FreeBSD Security Advisory: FreeBSD-SA-02:12 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016.php http://www.osvdb.org/5378 http://www.redhat.com/support/errata/RHSA-2002-029.html SuSE Security Announcement: SuSE-SA:2002:008 (Google Search) http://www.novell.com/linux/security/advisories/2002_008_squid_txt.html http://www.iss.net/security_center/static/8258.php
Copyright	This script is Copyright (C) 2002 Renaud Deraison