From security@sco.com Wed Nov 2 12:28:31 2005 From: security@sco.com To: security-announce@list.sco.com Date: Wed, 2 Nov 2005 12:24:58 -0500 (EST) Subject: [Full-disclosure] SCOSA-2005.44 UnixWare 7.1.4 : Squid Denial of Service -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SCO Security Advisory Subject: UnixWare 7.1.4 : Squid Denial of Service Advisory number: SCOSA-2005.44 Issue date: 2005 November 01 Cross reference: fz533116 fz533151 fz533254 CAN-2005-2794 CAN-2005-2796 CVE-2005-2917 CVE-2005-3258 ______________________________________________________________________________ 1. Problem Description store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2794 to this issue. The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2796 to this issue. Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2917 to this issue The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and earlier allows remote FTP servers to cause a denial of service (segmentation fault) via certain "odd" responses. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-3258 to this issue. 2. Vulnerable Supported Versions System Binaries ---------------------------------------------------------------------- UnixWare 7.1.4 squid 2.5.STABLE12 distribution 3. Solution The proper solution is to install the latest packages. 4. UnixWare 7.1.4 4.1 Location of Fixed Binaries ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.44 4.2 Verification 32fd0223233496f737e85a9aa31f00a4 squid-2.5.STABLE12.image md5 is available for download from ftp://ftp.sco.com/pub/security/tools 4.3 Installing Fixed Binaries Upgrade the affected binaries with the following sequence: Download squid-2.5.STABLE12.image to the /var/spool/pkg directory # pkgadd -d /var/spool/pkg/squid-2.5.STABLE12.image 5. References Specific references for this advisory: http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-STORE_PENDING http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-sslConnectTimeout http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE11-rfc1738_do_escape http://securitytracker.com/id?1014846 http://secunia.com/advisories/16992 http://secunia.com/advisories/17271 http://www.frsirt.com/english/advisories/2005/2151 SCO security resources: http://www.sco.com/support/security/index.html SCO security advisories via email http://www.sco.com/support/forums/security.html This security fix closes SCO incidents fz533116 fz533151 fz533254. 6. Disclaimer SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products. ______________________________________________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (UnixWare) iD8DBQFDaO04aqoBO7ipriERAskPAKCezWSWi/+glMAT2NvdDRyEfjrTywCfTA55 uYqqvxwQCux9I7+3y8RADIY= =tG9W -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/