Package name
squid
Date
2005-10-11
Advisory ID
MDKSA-2005:181
Affected versions
MNF2.0 i586 , 2006.0 i586 , CS2.1 i586 , 10.2 i586 , 10.1 i586 , CS2.1 x86_64 , CS3.0 x86_64 , CS3.0 i586 , 10.2 x86_64 , 2006.0 x86_64 , 10.1 x86_64

Problem description

Squid 2.5.9, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart). The updated packages have been patched to address these issues.

Updated packages

MNF2.0 i586

 d50ee470ba3e48c31c1d9d182ceb94f4  mnf/2.0/RPMS/squid-2.5.STABLE9-1.4.M20mdk.i586.rpm
28c692f3fe6e26ec18e6f9c5df90247a  mnf/2.0/SRPMS/squid-2.5.STABLE9-1.4.M20mdk.src.rpm

2006.0 i586

 b1f84290d8148feeb4243d8662842f1e  2006.0/RPMS/squid-2.5.STABLE10-10.1.20060mdk.i586.rpm
6c1db02fae65e9202b26ecbeb06600f3  2006.0/RPMS/squid-cachemgr-2.5.STABLE10-10.1.20060mdk.i586.rpm
66e697ada09d6727c0b1cce0b535519a  2006.0/SRPMS/squid-2.5.STABLE10-10.1.20060mdk.src.rpm

CS2.1 i586

 28f055d1dac940a09bf8d75739640e47  corporate/2.1/RPMS/squid-2.4.STABLE7-2.9.C21mdk.i586.rpm
1f673b3a7aad68b685463b96b8569157  corporate/2.1/SRPMS/squid-2.4.STABLE7-2.9.C21mdk.src.rpm

10.2 i586

 c720af4bcd25b1601a78a288207dcbef  10.2/RPMS/squid-2.5.STABLE9-1.4.102mdk.i586.rpm
05710a48508987ad1a3f8610befb3545  10.2/SRPMS/squid-2.5.STABLE9-1.4.102mdk.src.rpm

10.1 i586

 2159ad83fce0c0e07abec59e859173df  10.1/RPMS/squid-2.5.STABLE9-1.4.101mdk.i586.rpm
c068938f3b353ac957c2781fdf3a668b  10.1/SRPMS/squid-2.5.STABLE9-1.4.101mdk.src.rpm

CS2.1 x86_64

 d5d6450ca3c426b16a9c36b9b4030f6c  x86_64/corporate/2.1/RPMS/squid-2.4.STABLE7-2.9.C21mdk.x86_64.rpm
1f673b3a7aad68b685463b96b8569157  x86_64/corporate/2.1/SRPMS/squid-2.4.STABLE7-2.9.C21mdk.src.rpm

CS3.0 x86_64

 0d71ddfef090edb5ed2d0166a688b7a4  x86_64/corporate/3.0/RPMS/squid-2.5.STABLE9-1.4.C30mdk.x86_64.rpm
9ab3c4c41fb8bd2bdeb84f753e270bda  x86_64/corporate/3.0/SRPMS/squid-2.5.STABLE9-1.4.C30mdk.src.rpm

CS3.0 i586

 5877b6bf476c146d95b78dc62908721a  corporate/3.0/RPMS/squid-2.5.STABLE9-1.4.C30mdk.i586.rpm
9ab3c4c41fb8bd2bdeb84f753e270bda  corporate/3.0/SRPMS/squid-2.5.STABLE9-1.4.C30mdk.src.rpm

10.2 x86_64

 6652fcb5d9cb565d66e687ae8cd4621b  x86_64/10.2/RPMS/squid-2.5.STABLE9-1.4.102mdk.x86_64.rpm
05710a48508987ad1a3f8610befb3545  x86_64/10.2/SRPMS/squid-2.5.STABLE9-1.4.102mdk.src.rpm

2006.0 x86_64

 f8d2a35075a4515961707d52a4e54795  x86_64/2006.0/RPMS/squid-2.5.STABLE10-10.1.20060mdk.x86_64.rpm
7f21b2f3e03ee10535b6e6204bd90f66  x86_64/2006.0/RPMS/squid-cachemgr-2.5.STABLE10-10.1.20060mdk.x86_64.rpm
66e697ada09d6727c0b1cce0b535519a  x86_64/2006.0/SRPMS/squid-2.5.STABLE10-10.1.20060mdk.src.rpm

10.1 x86_64

 5d348dff4c6af7f6fadb7a082949a625  x86_64/10.1/RPMS/squid-2.5.STABLE9-1.4.101mdk.x86_64.rpm
c068938f3b353ac957c2781fdf3a668b  x86_64/10.1/SRPMS/squid-2.5.STABLE9-1.4.101mdk.src.rpm

References