Security Advisory #2004-010
Package name: squid

Security Fixes

Description

squid:
char *ntlm_check_auth(ntlm_authenticate * auth, int auth_length)
{
    int rv;
    char pass[25] /*, encrypted_pass[40] */;   /* fixed-size stack buffer */
    char *domain = credentials;
    ...
    /* tmp.str and tmp.l come from the client; tmp.l is never compared
       against sizeof(pass) before the copy */
    memcpy(pass, tmp.str, tmp.l);
    ...
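The memcpy() above copies a client-supplied length into the 25-byte 'pass' buffer without checking it first. The following is an added example, not squid's code and not the fix shipped in the updated package: the same copy with the length checked before any byte is written. The lstring type, ntlm_copy_pass and demo_copy are constructed names for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the length-prefixed string the advisory calls
 * tmp (tmp.str / tmp.l); the real squid type is not reproduced here. */
typedef struct {
    const char *str;
    size_t l;
} lstring;

#define PASS_BUF_SIZE 25 /* matches 'char pass[25]' in the advisory */

/* Bounded replacement for the unchecked memcpy(pass, tmp.str, tmp.l)
 * behind CAN-2004-0541. Returns 1 if the client-supplied length fits and
 * the copy was made (NUL-terminated), 0 if it was rejected. The check runs
 * before any write, so an oversized length cannot overrun 'pass'. */
int ntlm_copy_pass(char *pass, size_t pass_size, const lstring *tmp)
{
    if (tmp == NULL || tmp->str == NULL)
        return 0;
    /* Reserve one byte for the terminator; anything longer is rejected. */
    if (tmp->l >= pass_size)
        return 0;
    memcpy(pass, tmp->str, tmp->l);
    pass[tmp->l] = '\0';
    return 1;
}

/* Exercise the check with a constructed input of 'len' bytes of 'A'
 * (clamped to 64). Returns the accept/reject decision so it can be
 * asserted on rather than only printed. */
int demo_copy(size_t len)
{
    char filler[64];
    char pass[PASS_BUF_SIZE];
    memset(filler, 'A', sizeof filler);
    lstring tmp = { filler, len > sizeof filler ? sizeof filler : len };
    return ntlm_copy_pass(pass, sizeof pass, &tmp);
}

int main(void)
{
    size_t lens[] = { 10, 24, 25, 40 };
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++)
        printf("length %zu: %s\n", lens[i],
               demo_copy(lens[i]) ? "accepted" : "rejected (would overflow)");
    return 0;
}
```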
The function contains a buffer overflow vulnerability due to a lack of bounds checking on the values copied to the 'pass' variable. Both the 'tmp.str' and 'tmp.l' variables used in the memcpy() call contain user-supplied data.

This problem has been assigned the name CAN-2004-0541 [1] by the Common Vulnerabilities and Exposures (CVE) project. This problem was first reported by iDEFENSE [2].

References

[0] http://www.squid-cache.org/
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0541
[2] http://www.idefense.com/application/poi/display?id=107

Recommended Action

We recommend that all systems with these packages installed be upgraded. Please note that if you do not need the functionality provided by this package, you may want to remove it from your system.

Location
All tinysofa updates are available from
<URI:http://http.tinysofa.org/pub/tinysofa/updates/>

Automatic Updates

Users of the SWUP tool can enjoy having updates automatically installed using 'swup --upgrade'.

Questions?
Check out our mailing lists:

Verification
This advisory is signed with the tinysofa security sign key.
This key is available from:
All tinysofa packages are signed with the tinysofa stable sign key.
This key is available from:
The advisory is available from the tinysofa errata database at
<URI:http://www.tinysofa.org/support/errata/>

MD5sums Of The Packages

1fc7bd552435e8c6605d1cdd064d2edc squid-2.5.STABLE5-6ts.i586.rpm