Web Browser 로는 FTP 접속이 불가능 합니다.

문서번호 : 1121107750
업데이트 : 2005.07.12


상세내용

Squid 는 웹 클라이언트를 위한 고성능 프락시 캐쉬 서버이다.  또한, FTP 와
고퍼, HTTP 데이터 오브젝트를 지원한다.

변경 사항

. CAN-2005-0626 :

Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape
Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie
headers to be sent to other users, which allows attackers to steal the related
cookies.

. CAN-2005-0718 :

Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of
service (segmentation fault) by aborting the connection during a (1) PUT or
(2) POST request, which causes Squid to access previously freed memory.

. CAN-2005-1345 :

Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies
missing or invalid ACLs in the http_access configuration, which could lead to
less restrictive ACLs than intended by the administrator.

. CAN-2005-1519 :

Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the
environment does not prevent IP spoofing, allows remote attackers to spoof
DNS lookups.

. CVE-1999-0710 :

The RedHat squid program installs cachemgr.cgi in a public web directory,
allowing remote attackers to use it as an intermediary to connect to other
systems.


Autoupdate 지원 : Packages System
  pkgadd -F squid

update 패키지

  RPMS :

    . squid-2.5.STABLE6-6.i686.rpm

  SRPMS :

    . squid-2.5.STABLE6-6.src.rpm

참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0626
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1345
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1519
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0710