Bug 171681 - net-proxy/squid < 2.6.12 TRACE request DoS (CVE-2007-1560)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High minor
Assignee: Gentoo Security
URL: http://secunia.com/advisories/24611/
Whiteboard: B3 [glsa] p-y
Reported: 2007-03-21 13:38 UTC by Pierre-Yves Rofes (RETIRED)
Modified: 2007-04-03 22:52 UTC
Description Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-03-21 13:38:01 UTC
A vulnerability has been reported in Squid, which can be exploited by
malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the processing of
TRACE requests in squid/src/client_side.c. This can be exploited to
crash the service via a specially crafted TRACE request.

The vulnerability is reported in all Squid 2.6 versions up to
2.6.11.

SOLUTION:
Update to version 2.6.12.
Comment 1 Alin Năstac (RETIRED) gentoo-dev 2007-03-21 17:54:35 UTC
Version bumped to 2.6.12.
Arch teams, please stabilize this version.
Comment 2 Markus Meier gentoo-dev 2007-03-21 19:59:52 UTC
net-proxy/squid-2.6.12  USE="ldap pam samba ssl -ipf-transparent -logrotate -nis (-pf-transparent) -sasl (-selinux) -snmp -zero-penalty-hit"
1. emerges on x86
2. passes collision test
3. works

Comment 3 Raúl Porcel (RETIRED) gentoo-dev 2007-03-21 20:35:17 UTC
x86 stable.

Thanks Markus.
Comment 4 Gustavo Zacarias (RETIRED) gentoo-dev 2007-03-21 20:52:31 UTC
sparc stable.
Comment 5 Christoph Mende (RETIRED) gentoo-dev 2007-03-21 22:20:50 UTC
emerges fine and works on amd64

Comment 6 Steve Dibb (RETIRED) gentoo-dev 2007-03-22 02:23:05 UTC
amd64 stable, thanks Christoph
Comment 7 Janne Pikkarainen 2007-03-22 07:09:26 UTC
Thank you for your quick response time!
Comment 8 Jeroen Roovers (RETIRED) gentoo-dev 2007-03-23 01:01:29 UTC
Stable for HPPA.
Comment 9 Tobias Scherbaum (RETIRED) gentoo-dev 2007-03-23 18:58:37 UTC
ppc stable
Comment 10 Markus Rothe (RETIRED) gentoo-dev 2007-03-24 10:42:14 UTC
ppc64 stable
Comment 11 Jose Luis Rivero (yoswink) (RETIRED) gentoo-dev 2007-03-24 17:34:10 UTC
alpha stable
Comment 12 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-03-24 18:19:28 UTC
Thanks, arches.

security, time to vote for GLSA... I tend to vote yes.
Comment 13 Chris Gianelloni (RETIRED) gentoo-dev 2007-03-24 19:09:06 UTC
ia64 done
Comment 14 Stefan Cornelius (RETIRED) gentoo-dev 2007-03-24 21:29:08 UTC
I think this one should have a GLSA.
Comment 15 Matt Drew (RETIRED) gentoo-dev 2007-03-24 22:34:59 UTC
Vote yes, updated status, updated title, filed GLSA request.
Comment 16 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-03-26 20:35:36 UTC
I missed the vote, but I would have voted NO. That vulnerability only terminates the child process and won't have a much more severe effect than a simple DoS by flood. A quickly repeated attack is necessary for this vulnerability to have a visible impact, and that can easily be avoided.
Comment 17 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-03-27 06:53:29 UTC
If only a child is killed, I vote NO too :-)
Comment 18 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-03-27 09:28:22 UTC
Ubuntu just released [USN-441-1] covering this.
Comment 19 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-04-03 22:52:15 UTC
It was GLSA 200703-27, thanks to everybody.