==========================================================Ubuntu Security Notice USN-84-1 February 21, 2005
squid vulnerabilities CAN-2005-0194, CAN-2005-0446
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
The following packages are affected:
The problem can be corrected by upgrading the affected package to
version 2.5.5-6ubuntu0.5. In general, a standard system upgrade is
sufficient to effect the necessary changes.
When parsing the configuration file, squid interpreted empty Access
Control Lists (ACLs) without defined authentication schemes in a
non-obvious way. This could allow remote attackers to bypass intended
A remote Denial of Service vulnerability was discovered in the domain
name resolution code. A faulty or malicious DNS server could stop the
Squid server immediately by sending a malformed IP address.