Summary: | <net-proxy/squid-2.7.6-r2/3.0.18-r1 DoS in external auth header parser (CVE-2009-2855) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Robert Buchholz (RETIRED) <rbu> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | martin.holzer, net-proxy+disabled |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.squid-cache.org/bugs/show_bug.cgi?id=2704 | ||
Whiteboard: | C3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Robert Buchholz (RETIRED)
2009-07-27 19:37:22 UTC
CVE-2009-2855 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2855): The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function.

This seems related to an older Bug: http://www.squid-cache.org/bugs/show_bug.cgi?id=2541

Upstream Patch: http://www.squid-cache.org/bugs/attachment.cgi?id=2041

Fixed in versions squid-2.7.6-r2, squid-3.0.18-r1 and squid-3.1.0.13_beta-r1.

Arch teams, please mark version squid-3.0.18-r1 *and* squid-2.7.6-r2 as stable.

Stable for HPPA.

ppc stable

x86 stable

alpha/arm/ia64/sparc stable

amd64 stable

ppc64 done

GLSA voting: YES

Yes, too. Request filed.

Could be closed, no longer in the cvs tree.

This issue was resolved and addressed in GLSA 201110-24 at http://security.gentoo.org/glsa/glsa-201110-24.xml by GLSA coordinator Tim Sammut (underling).
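The report describes the bug class rather than the fix: a list tokenizer that, on certain runs of comma delimiters, calls strcspn without ever advancing its cursor. The following added example is not Squid's code and not the upstream patch; it is a constructed tokenizer in the role the report gives strListGetItem, written so that every call either consumes at least one input character or reports end-of-list, with a caller-side iteration cap as a second line of defence. The names safe_list_get_item, count_list_items and list_item_equals are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed example (not Squid's strListGetItem): return successive
 * non-empty items from a header value separated by `del` and blanks.
 * Termination argument: after skipping delimiters, *p is neither `del`
 * nor NUL, so strcspn() returns at least 1 and *pos always moves forward.
 *
 * Returns 1 and sets *item/*ilen for the next item, 0 at end of list.
 * *pos is the cursor; set *pos = NULL before the first call. */
int safe_list_get_item(const char *list, char del,
                       const char **item, size_t *ilen, const char **pos)
{
    const char *end = list + strlen(list);
    const char *p = *pos ? *pos : list;
    char reject[2] = { del, '\0' };

    if (p > end)
        p = end;
    /* Skip delimiters and blanks; inputs like ",,," or "a,,b" land here. */
    while (p < end && (*p == del || *p == ' ' || *p == '\t'))
        p++;
    if (p >= end) {
        *pos = end;
        return 0;
    }
    size_t span = strcspn(p, reject);   /* >= 1, see argument above */
    const char *q = p + span;
    /* Trim trailing blanks from the item. */
    while (q > p && (q[-1] == ' ' || q[-1] == '\t'))
        q--;
    *item = p;
    *ilen = (size_t)(q - p);
    *pos = p + span;                    /* always strictly past p */
    return 1;
}

/* Count items. The cap (no input of length n can hold more than n+1
 * items) turns any future regression of the progress guarantee into an
 * error return instead of a hang; -1 signals that the cap was hit. */
int count_list_items(const char *header)
{
    const char *item, *pos = NULL;
    size_t len, cap = strlen(header) + 1;
    int n = 0;
    while (safe_list_get_item(header, ',', &item, &len, &pos)) {
        if ((size_t)++n > cap)
            return -1;
    }
    return n;
}

/* Return 1 if the idx-th (0-based) item equals `expect`, else 0. */
int list_item_equals(const char *header, int idx, const char *expect)
{
    const char *item, *pos = NULL;
    size_t len;
    int n = 0;
    while (safe_list_get_item(header, ',', &item, &len, &pos)) {
        if (n++ == idx)
            return len == strlen(expect) && memcmp(item, expect, len) == 0;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample header values, including delimiter-only runs. */
    const char *samples[] = { "a, b,,c", ",,,", "", " , x ,", "Basic, NTLM" };
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++)
        printf("\"%s\" -> %d item(s)\n", samples[i], count_list_items(samples[i]));
    return 0;
}
```

The property worth checking in any review of a hand-written header tokenizer is the one the comment states: the cursor must move on every iteration regardless of input, and the delimiter-only and empty cases are the ones to test first.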