Squid update fixes DoS vulnerability - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Advisory Watch: March 20th, 2010

Linux Security Week: March 16th, 2010

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Squid update fixes DoS vulnerability

User Rating:

How can I rate this item?

Source: H Security - Posted by Alex

Specially crafted DNS packets can compromise the popular Squid web proxy/cache in such a way that it briefly fails to respond. The problem is caused by insufficiently checked DNS responses which Squid initially places in a queue. By sending packets that only contain a header, a queue overflow can be triggered which can apparently be exploited for Denial-of-Service (DoS) attacks. The flaw can be exploited both from internal clients and from external DNS servers. The problem has been known since the most recent Chaos Communication Congress (26c3), where Fabian Yamaguchi described the details of this, as well as further flaws in other applications, in his presentation entitled "cat /proc/sys/net/ipv4/fuckups"PDF.

Versions 2.x, 3.0 up to and including 3.0.STABLE21, and Squid 3.1 up to and including 3.1.0.15 are affected. In versions 3.0.STABLE22 and 3.1.0.16 of Squid, the flaw has been fixed. A patch is also available.

Read this full article at H Security