CVE-2005-2917
CVSS 5.0
Published: 2005-09-30 14:05:00
Revised: 2010-08-21 00:32:23

[Original] Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).


[CNNVD] Squid Proxy Server Client NTLM Authentication Denial of Service Vulnerability (CNNVD-200509-309)

Squid is a piece of software that caches Internet data: it receives users' download requests and handles the downloaded data automatically. That is, when a user wants to download a page, it sends a request to Squid asking Squid to fetch it on its behalf; Squid connects to the requested site, requests the page, passes it to the user while keeping a copy, and when another user requests the same page, Squid immediately serves the saved copy, so that user perceives a considerably faster response. Squid can proxy protocols such as HTTP, FTP, Gopher, SSL and WAIS. Squid 2.5.STABLE10 and earlier versions, while performing NTLM authentication, fail to correctly handle certain request sequences; a local user can exploit this vulnerability to trigger a denial of service (daemon restart).

- CVSS (base score)

CVSS score: 5 [Medium (MEDIUM)]
Confidentiality impact: NONE [no impact on system confidentiality]
Integrity impact: NONE [no impact on system integrity]
Availability impact: PARTIAL [may cause degraded performance or interrupted access to resources]
Attack complexity: LOW [no access restrictions on exploitation]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]

- CPE (affected platforms and products)

cpe:/a:squid:squid:2.5.stable10
cpe:/a:squid:squid:2.5.9

- OVAL (technical details for detection)

oval:org.mitre.oval:def:11580
Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attac...
*The OVAL definition describes in detail how to detect this vulnerability; further technical details on detecting it can be found in the related OVAL definition.

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2917
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2917
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200509-309
(Official data source) CNNVD

- Other links and resources

http://www.debian.org/security/2005/dsa-828
(VENDOR_ADVISORY)  DEBIAN  DSA-828
http://secunia.com/advisories/16992
(VENDOR_ADVISORY)  SECUNIA  16992
http://xforce.iss.net/xforce/xfdb/24282
(UNKNOWN)  XF  squid-ntlm-authentication-dos(24282)
http://www.ubuntu.com/usn/usn-192-1/
(UNKNOWN)  UBUNTU  USN-192-1
http://www.securityfocus.com/bid/14977
(UNKNOWN)  BID  14977
http://www.redhat.com/support/errata/RHSA-2006-0052.html
(UNKNOWN)  REDHAT  RHSA-2006:0052
http://www.redhat.com/support/errata/RHSA-2006-0045.html
(UNKNOWN)  REDHAT  RHSA-2006:0045
http://www.osvdb.org/19607
(UNKNOWN)  OSVDB  19607
http://www.novell.com/linux/security/advisories/2005_27_sr.html
(UNKNOWN)  SUSE  SUSE-SR:2005:027
http://www.mandriva.com/security/advisories?name=MDKSA-2005:181
(UNKNOWN)  MANDRIVA  MDKSA-2005:181
http://securitytracker.com/id?1014920
(UNKNOWN)  SECTRACK  1014920
http://secunia.com/advisories/19532
(UNKNOWN)  SECUNIA  19532
http://secunia.com/advisories/19161
(UNKNOWN)  SECUNIA  19161
http://secunia.com/advisories/17177
(UNKNOWN)  SECUNIA  17177
http://secunia.com/advisories/17050
(UNKNOWN)  SECUNIA  17050
http://secunia.com/advisories/17015
(UNKNOWN)  SECUNIA  17015
http://fedoranews.org/updates/FEDORA--.shtml
(UNKNOWN)  FEDORA  FLSA-2006:152809
ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U
(UNKNOWN)  SGI  20060401-01-U
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
(UNKNOWN)  SCO  SCOSA-2005.49

- Vulnerability information

Squid Proxy Server Client NTLM Authentication Denial of Service Vulnerability
Medium  Authorization issue
2005-09-30 00:00:00 2005-10-20 00:00:00
Remote

- Advisories and patches

No data available

- Vulnerability information (F41214)

SCOSA-2005.44.txt (PacketStormID:F41214)
2005-11-03 00:00:00
SCO  sco.com
advisory,remote,denial of service
CVE-2005-2794,CVE-2005-2796,CVE-2005-2917,CVE-2005-3258

SCO Security Advisory - store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING. The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests. Squid versions 2.5.STABLE10 and below, while performing NTLM authentication, do not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).



______________________________________________________________________________

 			SCO Security Advisory

Subject:		UnixWare 7.1.4 : Squid Denial of Service
Advisory number: 	SCOSA-2005.44
Issue date: 		2005 November 01
Cross reference:	fz533116 fz533151 fz533254
 			CAN-2005-2794 CAN-2005-2796 CVE-2005-2917 CVE-2005-3258
______________________________________________________________________________


1. Problem Description

 	store.c in Squid 2.5.STABLE10 and earlier allows remote
 	attackers to cause a denial of service (crash) via certain
 	aborted requests that trigger an assert error related to
 	STORE_PENDING.

 	The Common Vulnerabilities and Exposures project (cve.mitre.org)
 	has assigned the name CAN-2005-2794 to this issue.

 	The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10
 	and earlier allows remote attackers to cause a denial of service
 	(segmentation fault) via certain crafted requests.

 	The Common Vulnerabilities and Exposures project (cve.mitre.org)
 	has assigned the name CAN-2005-2796 to this issue.

 	Squid 2.5.STABLE10 and earlier, while performing NTLM
 	authentication, does not properly handle certain request
 	sequences, which allows attackers to cause a denial of service
 	(daemon restart).

 	The Common Vulnerabilities and Exposures project (cve.mitre.org)
 	has assigned the name CVE-2005-2917 to this issue.

 	The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11
 	and earlier allows remote FTP servers to cause a denial of
 	service (segmentation fault) via certain "odd" responses.

 	The Common Vulnerabilities and Exposures project (cve.mitre.org)
 	has assigned the name CVE-2005-3258 to this issue.


2. Vulnerable Supported Versions

 	System				Binaries
 	----------------------------------------------------------------------
 	UnixWare 7.1.4 			squid 2.5.STABLE12 distribution


3. Solution

 	The proper solution is to install the latest packages.


4. UnixWare 7.1.4

 	4.1 Location of Fixed Binaries

 	ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.44


 	4.2 Verification

 	32fd0223233496f737e85a9aa31f00a4  squid-2.5.STABLE12.image

 	md5 is available for download from
 		ftp://ftp.sco.com/pub/security/tools


 	4.3 Installing Fixed Binaries

 	Upgrade the affected binaries with the following sequence:

 	Download squid-2.5.STABLE12.image to the /var/spool/pkg directory

 	# pkgadd -d /var/spool/pkg/squid-2.5.STABLE12.image


5. References

 	Specific references for this advisory:
 		http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-STORE_PENDING
 		http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-sslConnectTimeout
 		http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE11-rfc1738_do_escape
 		http://securitytracker.com/id?1014846
 		http://secunia.com/advisories/16992
 		http://secunia.com/advisories/17271
 		http://www.frsirt.com/english/advisories/2005/2151

 	SCO security resources:
 		http://www.sco.com/support/security/index.html

 	SCO security advisories via email
 		http://www.sco.com/support/forums/security.html

 	This security fix closes SCO incidents fz533116 fz533151
 	fz533254.


6. Disclaimer

 	SCO is not responsible for the misuse of any of the information
 	we provide on this website and/or through our security
 	advisories. Our advisories are a service to our customers
 	intended to promote secure installation and use of SCO
 	products.


______________________________________________________________________________
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
    

- Vulnerability information (F40378)

usn-192-1.txt (PacketStormID:F40378)
2005-10-04 00:00:00
Martin Pitt  security.ubuntu.com
advisory,remote,denial of service
linux,ubuntu
CVE-2005-2917

Ubuntu Security Notice USN-192-1 - Mike Diggins discovered a remote Denial of Service vulnerability in Squid. Sending specially crafted NTLM authentication requests to Squid caused the server to crash.


===========================================================
Ubuntu Security Notice USN-192-1	 September 30, 2005
squid vulnerability
CAN-2005-2917
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

squid

The problem can be corrected by upgrading the affected package to
version 2.5.5-6ubuntu0.11 (for Ubuntu 4.10), or 2.5.8-3ubuntu1.4 (for
Ubuntu 5.04).  In general, a standard system upgrade is sufficient to
effect the necessary changes.

Details follow:

Mike Diggins discovered a remote Denial of Service vulnerability in
Squid. Sending specially crafted NTLM authentication requests to Squid
caused the server to crash.


Updated packages for Ubuntu 4.10 (Warty Warthog):


Updated packages for Ubuntu 5.04 (Hoary Hedgehog):



- Vulnerability information (F40363)

Debian Linux Security Advisory 828-1 (PacketStormID:F40363)
2005-10-04 00:00:00
Debian  security.debian.org
advisory
linux,debian
CVE-2005-2917

Debian Security Advisory DSA 828-1 - Upstream developers of squid, the popular WWW proxy cache, have discovered that changes in the authentication scheme are not handled properly when given certain request sequences while NTLM authentication is in place, which may cause the daemon to restart.


--------------------------------------------------------------------------
Debian Security Advisory DSA 828-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
September 30th, 2005                    http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : squid
Vulnerability  : authentication handling
Problem type   : remote
Debian-specific: no
CVE ID         : CAN-2005-2917

Upstream developers of squid, the popular WWW proxy cache, have
discovered that changes in the authentication scheme are not handled
properly when given certain request sequences while NTLM
authentication is in place, which may cause the daemon to restart.

The old stable distribution (woody) is not affected by this problem.

For the stable distribution (sarge) this problem has been fixed in
version 2.5.9-10sarge2.

For the unstable distribution (sid) this problem has been fixed in
version 2.5.10-6.

We recommend that you upgrade your squid packages.


Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
--------------------------------



  These files will probably be moved into the stable distribution on
  its next update.

---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>


- Vulnerability information

19607
Squid Crafted NTLM Authentication Header DoS
Denial of Service
Loss of Availability
Vendor Verified

- Vulnerability description

Unknown or Incomplete

- Timeline

2005-09-12 Unknown
Unknown Unknown

- Solution

Unknown or Incomplete

- Related references

- Vulnerability author

Unknown or Incomplete

- Vulnerability information

Squid Proxy Client NTLM Authentication Denial Of Service Vulnerability
Failure to Handle Exceptional Conditions 14977
Yes No
2005-09-22 12:00:00 2006-12-20 09:47:00
Discovery is credited to Mike Diggins.

- Affected program versions

SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
Squid Web Proxy Cache 2.5 .STABLE9
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.2 x86_64
+ Mandriva Linux Mandrake 10.2
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
Squid Web Proxy Cache 2.5 .STABLE8
+ Gentoo Linux
+ Red Hat Fedora Core3
+ Red Hat Fedora Core2
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
Squid Web Proxy Cache 2.5 .STABLE7
+ Conectiva Linux 10.0
+ Conectiva Linux 9.0
+ Gentoo Linux
+ Red Hat Fedora Core3
+ Red Hat Fedora Core2
Squid Web Proxy Cache 2.5 .STABLE6
+ Mandriva Linux Mandrake 10.1 x86_64
+ S.u.S.E. Linux Personal 9.2 x86_64
+ S.u.S.E. Linux Personal 9.2
+ Turbolinux Appliance Server 1.0 Workgroup Edition
+ Turbolinux Appliance Server 1.0 Hosting Edition
+ Turbolinux Appliance Server Hosting Edition 1.0
+ Turbolinux Appliance Server Workgroup Edition 1.0
+ Turbolinux Turbolinux Server 10.0
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 8.0
+ Turbolinux Turbolinux Workstation 7.0
Squid Web Proxy Cache 2.5 .STABLE5
+ Conectiva Linux 10.0
+ Conectiva Linux 9.0
+ S.u.S.E. Linux Personal 9.1 x86_64
+ S.u.S.E. Linux Personal 9.1
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Squid Web Proxy Cache 2.5 .STABLE4
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ OpenPKG OpenPKG 2.0
+ OpenPKG OpenPKG Current
Squid Web Proxy Cache 2.5 .STABLE3
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
+ OpenPKG OpenPKG 1.3
+ Red Hat Enterprise Linux AS 3
+ Red Hat Fedora Core1
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 3
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
Squid Web Proxy Cache 2.5 .STABLE10
Squid Web Proxy Cache 2.5 .STABLE1
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ S.u.S.E. Linux Personal 8.2
SGI ProPack 3.0 SP6
SCO Unixware 7.1.4
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Professional 9.0 x86_64
S.u.S.E. Linux Professional 9.0
S.u.S.E. Linux Professional 8.2
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux Openexchange Server
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Desktop 1.0
RedHat Linux 9.0 i386
RedHat Linux 7.3 i386
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux ES 4
RedHat Desktop 4.0
RedHat Application Server AS 3
Red Hat Fedora Core2
Red Hat Fedora Core1
Red Hat Enterprise Linux AS 4
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
Squid Web Proxy Cache 2.5.STABLE11

- Unaffected program versions

Squid Web Proxy Cache 2.5.STABLE11

- Vulnerability discussion

Squid Proxy is prone to a denial-of-service vulnerability. This issue may occur when the proxy handles certain client NTLM-authentication request sequences.

- Exploitation

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- Solution

Please see the referenced vendor advisories for more information and fixes.

Squid Web Proxy Cache 2.5 .STABLE4
Squid Web Proxy Cache 2.5 .STABLE10
Squid Web Proxy Cache 2.5 .STABLE7
Squid Web Proxy Cache 2.5 .STABLE6
Squid Web Proxy Cache 2.5 .STABLE1
Squid Web Proxy Cache 2.5 .STABLE3
Squid Web Proxy Cache 2.5 .STABLE5
Squid Web Proxy Cache 2.5 .STABLE9
Squid Web Proxy Cache 2.5 .STABLE8

- Related references
