squid security update
FTP access is not possible with a web browser.
Document number : 1121107750
Updated : 2005.07.12
Details
Squid is a high-performance proxy cache server for web clients. It also
supports FTP, Gopher, and HTTP data objects.
Changes
. CAN-2005-0626 :
Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape
Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie
headers to be sent to other users, which allows attackers to steal the related
cookies.
. CAN-2005-0718 :
Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of
service (segmentation fault) by aborting the connection during a (1) PUT or
(2) POST request, which causes Squid to access previously freed memory.
. CAN-2005-1345 :
Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies
missing or invalid ACLs in the http_access configuration, which could lead to
less restrictive ACLs than intended by the administrator.
. CAN-2005-1519 :
Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the
environment does not prevent IP spoofing, allows remote attackers to spoof
DNS lookups.
. CVE-1999-0710 :
The RedHat squid program installs cachemgr.cgi in a public web directory,
allowing remote attackers to use it as an intermediary to connect to other
systems.
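For CAN-2005-1345 above, affected Squid versions accept an http_access rule with a missing or invalid ACL instead of stopping, so the configuration can be checked before it is loaded. The following is an added example, not part of the original advisory or of Squid itself; the sample configuration is constructed, and the checker assumes the basic "acl NAME TYPE ..." and "http_access allow|deny [!]NAME ..." syntax only.

```python
# Constructed sample squid.conf (not from the advisory). Line 6 refers to
# "localnet", but only the misspelled "localnt" was defined; line 7 has no ACL.
SAMPLE_CONF = """\
acl all src 0.0.0.0/0.0.0.0
acl localnt src 192.168.0.0/255.255.0.0
acl SSL_ports port 443 563
acl CONNECT method CONNECT
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access deny
http_access deny all
"""


def check_http_access(conf_text):
    """Return (line_no, message) pairs for http_access rules that have no
    ACL, an invalid action, or an ACL name not defined earlier in the file."""
    defined, findings = set(), []
    for no, raw in enumerate(conf_text.splitlines(), 1):
        fields = raw.split()
        if not fields or fields[0].startswith("#"):
            continue  # blank line or full-line comment
        directive, args = fields[0], fields[1:]
        if directive == "acl" and len(args) >= 2:
            defined.add(args[0])  # ACLs must be defined before they are used
        elif directive == "http_access":
            if not args or args[0] not in ("allow", "deny"):
                findings.append((no, "missing or invalid allow/deny action"))
                continue
            names = [a.lstrip("!") for a in args[1:]]  # "!" negates an ACL
            if not names:
                findings.append((no, "rule has no ACL"))
            for name in names:
                if name not in defined:
                    findings.append((no, "undefined ACL '%s'" % name))
    return findings


if __name__ == "__main__":
    for no, msg in check_http_access(SAMPLE_CONF):
        print("line %d: %s" % (no, msg))
```

Any finding should block deployment of the configuration, which gives the fatal-error behaviour that the affected versions lack.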
Autoupdate support : Packages System
pkgadd -F squid
Update packages
RPMS :
. squid-2.5.STABLE6-6.i686.rpm
SRPMS :
. squid-2.5.STABLE6-6.src.rpm
References :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0626
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1345
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1519
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0710