Gentoo Bug 81997 - www-proxy/squid: FQDN Lookup Denial of Service Vulnerability

First Last Prev Next No search results available Search page Enter new bug

Bug#:	81997
Alias:
Product:
Component:
Status:	RESOLVED
Resolution:	FIXED
Assigned To:	Gentoo Security <security@gentoo.org>

Hardware:
OS:
Version:
Priority:
Severity:

Reporter:	Jean-François Brunette (RETIRED) <formula7@gentoo.org>
Add CC:
CC:	Remove selected CCs

URL:
Summary:
Status Whiteboard:
Keywords:

Flags:			Requestee:
	Pending
	Approved
	Assigned_To		()

Filename	Description	Type	Creator	Created	Size	Actions
Create a New Attachment (proposed patch, testcase, etc.)						View All

Bug 81997 depends on:			Show dependency tree
Bug 81997 blocks:			Show dependency tree

Additional Comments: (this is where you put emerge --info)

Add to CC list

Not eligible to see or edit group visibility for this bug.

Leave as RESOLVED FIXED
Reopen bug
Mark bug as VERIFIED
Mark bug as CLOSED

View Bug Activity | Format For Printing | XML | Clone This Bug

Description:

Opened: 2005-02-14 07:00 0000

Description:
A vulnerability has been reported in Squid, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an assertion error when performing FQDN lookups and can be exploited to crash Squid by returning a specially crafted DNS response.

The vulnerability has been reported in Squid-2.5.STABLE5 through 2.5.STABLE8.

NOTE: The risk is reportedly reduced with "log_fqdn off" (default setting).

Solution:
Apply patch for 2.5.STABLE8:
http://www.squid-cache.org/Versi...uid-2.5.STABLE8-dns_assert.patch

Original Advisory:
http://www.squid-cache.org/Versi...gs/#squid-2.5.STABLE8-dns_assert

------- Comment #1 From Sune Kloppenborg Jeppesen 2005-02-14 07:07:04 0000 -------

Andrew or new Squid Daddy please bump.

------- Comment #2 From Alin Năstac 2005-02-15 13:15:17 0000 -------

version bumped.
it needs to be marked as stable by arch maintainers.

------- Comment #3 From Sune Kloppenborg Jeppesen 2005-02-15 13:42:41 0000 -------

Thx Alin,

Arches please test and mark 2.5.8 stable.

------- Comment #4 From Jan Brinkmann (RETIRED) 2005-02-15 14:00:50 0000 -------

stable on amd64.

------- Comment #5 From Jason Wever (RETIRED) 2005-02-15 18:22:27 0000 -------

Note: the URLs in the original description are invalid (generate 404s here).

------- Comment #6 From Thierry Carrez (RETIRED) 2005-02-16 02:00:25 0000 -------

This is CAN-2005-0446

------- Comment #7 From Markus Rothe 2005-02-16 11:09:10 0000 -------

stable on ppc64

------- Comment #8 From Michael Hanselmann (hansmi) (RETIRED) 2005-02-16 11:39:53 0000 -------

Stable on ppc.

------- Comment #9 From Michael Hanselmann (hansmi) (RETIRED) 2005-02-16 12:52:38 0000 -------

Stable on hppa.

------- Comment #10 From Jason Wever (RETIRED) 2005-02-16 16:10:54 0000 -------

Stable on SPARC.

------- Comment #11 From Olivier Crete 2005-02-16 16:23:44 0000 -------

x86 is already there

------- Comment #12 From Bryan Østergaard (RETIRED) 2005-02-17 14:46:01 0000 -------

Stable on alpha.

------- Comment #13 From Hardave Riar (RETIRED) 2005-02-17 23:38:09 0000 -------

Stable on mips.

------- Comment #14 From Sune Kloppenborg Jeppesen 2005-02-18 08:06:29 0000 -------

Thx Alin.

GLSA 200502-25

ia64 please remember to mark stable.

First Last Prev Next No search results available Search page Enter new bug

Bugzilla Bug 81997

www-proxy/squid: FQDN Lookup Denial of Service Vulnerability

Last modified: 2006-03-23 19:34:31 0000