rhsa-2002_130
Vulnerability from csaf_redhat
Published
2002-07-12 22:58
Modified
2024-11-21 22:19
Summary
Red Hat Security Advisory: squid security update

Notes

Topic
New Squid packages are available which fix various issues.
Details
Squid is a high-performance proxy caching server. The following summary describes the various issues found and fixed: Several buffer overflows have been found in the MSTN auth helper (msnt_auth) when configured to use denyusers or allowusers access control files. Several buffer overflows were found in the gopher client of Squid. It could be possible for a malicious gopher server to cause Squid to crash. A problem was found in the handling of the FTP data channel, possibly allowing abuse of the FTP proxy to bypass firewall rules or inject false FTP replies. Several possible buffer overflows were found in the code parsing FTP directories, which potentially allow for an untrusted FTP server to crash Squid. Thanks go to Olaf Kirch and the Squid team for notifying us of the problems and to the Squid team for providing patches. All users of Squid are advised to upgrade to these errata packages which contain patches to correct each of these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.


To clipboard 

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "New Squid packages are available which fix various issues.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Squid is a high-performance proxy caching server. The following summary\ndescribes the various issues found and fixed:\n\nSeveral buffer overflows have been found in the MSTN auth helper\n(msnt_auth) when configured to use denyusers or allowusers access control\nfiles.\n\nSeveral buffer overflows were found in the gopher client of Squid. It\ncould be possible for a malicious gopher server to cause Squid to crash.\n\nA problem was found in the handling of the FTP data channel, possibly\nallowing abuse of the FTP proxy to bypass firewall rules or inject false\nFTP replies.\n\nSeveral possible buffer overflows were found in the code parsing FTP\ndirectories, which potentially allow for an untrusted FTP server to crash\nSquid.\n\nThanks go to Olaf Kirch and the Squid team for notifying us of the\nproblems and to the Squid team for providing patches.\n\nAll users of Squid are advised to upgrade to these errata packages which\ncontain patches to correct each of these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2002:130",
        "url": "https://access.redhat.com/errata/RHSA-2002:130"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "http://www.squid-cache.org/Versions/v2/2.4/bugs/",
        "url": "http://www.squid-cache.org/Versions/v2/2.4/bugs/"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2002/rhsa-2002_130.json"
      }
    ],
    "title": "Red Hat Security Advisory: squid security update",
    "tracking": {
      "current_release_date": "2024-11-21T22:19:48+00:00",
      "generator": {
        "date": "2024-11-21T22:19:48+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2002:130",
      "initial_release_date": "2002-07-12T22:58:00+00:00",
      "revision_history": [
        {
          "date": "2002-07-12T22:58:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2002-06-26T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-21T22:19:48+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
                "product": {
                  "name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
                  "product_id": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 ",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:2.1::as"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Advanced Server"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2002-0713",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616800"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msnt_auth) when using denyusers or allowusers files, (2) via the gopher client, or (3) via the FTP server directory listing parser when HTML output is generated.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 "
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0713"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616800",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616800"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0713",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0713"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0713",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0713"
        }
      ],
      "release_date": "2002-07-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-07-12T22:58:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nPlease note that this update is available via Red Hat Network.  To use Red\nHat Network, launch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 "
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:130"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0714",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616801"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 "
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0714"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616801",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616801"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0714",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0714"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0714",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0714"
        }
      ],
      "release_date": "2002-07-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-07-12T22:58:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nPlease note that this update is available via Red Hat Network.  To use Red\nHat Network, launch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 "
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:130"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "security flaw"
    },
    {
      "cve": "CVE-2002-0715",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1616802"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Vulnerability in Squid before 2.4.STABLE6 related to proxy authentication credentials may allow remote web sites to obtain the user\u0027s proxy login and password.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 "
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2002-0715"
        },
        {
          "category": "external",
          "summary": "RHBZ#1616802",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616802"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2002-0715",
          "url": "https://www.cve.org/CVERecord?id=CVE-2002-0715"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2002-0715",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2002-0715"
        }
      ],
      "release_date": "2002-07-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2002-07-12T22:58:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nPlease note that this update is available via Red Hat Network.  To use Red\nHat Network, launch the Red Hat Update Agent with the following command:\n\nup2date\n\nThis will start an interactive process that will result in the appropriate\nRPMs being upgraded on your system.",
          "product_ids": [
            "Red Hat Enterprise Linux AS (Advanced Server) version 2.1 "
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2002:130"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "security flaw"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.