Trustix Secure Linux Advisory: squid
Jun 11, 2004, 17:27
Trustix Secure Linux Security Advisory #2004-0033
Package name: squid
Summary: buffer overflow
Affected versions: Trustix Secure Linux 2.0, Trustix Secure Linux 2.1, Trustix Secure Enterprise Linux 2
Squid is a high-performance proxy caching server for Web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and
especially hot objects cached in RAM, caches DNS lookups, supports
non-blocking DNS lookups, and implements negative caching of failed
Remote exploitation of a buffer overflow vulnerability in Squid Web
Proxy Cache could allow a remote attacker to execute arbitrary
code. Squid Web Proxy Cache supports Basic, Digest and NTLM
authentication. The vulnerability specifically exists within the
NTLM authentication helper routine, ntlm_check_auth(), located in
The function contains a buffer overflow vulnerability due to a
lack of bounds checking on the values copied to the 'pass'
variable. Both the 'tmp.str' and 'tmp.l' variables used in the
memcpy() call contain user-supplied data.
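The pattern the advisory describes, as an added C example that is not Squid's code and not part of the original advisory: a length-prefixed field (the 'tmp.str'/'tmp.l' pair) whose pointer and length both come from client data is copied into a fixed 'pass' buffer. The buffer size PASS_MAX, the two-byte little-endian wire layout, and every function name below are assumptions made for illustration. The unchecked copy is shown only for contrast with the hardened one, which validates the length against both the packet and the destination before any memcpy() runs.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Size of the fixed 'pass' buffer. Assumed for illustration. */
#define PASS_MAX 64

/* A length-prefixed string as the advisory describes 'tmp': both the
 * pointer and the length come from client-supplied authentication data. */
typedef struct {
    const char *str;
    size_t      l;
} lstring;

/* The defective pattern: memcpy trusts tmp.l, so a length larger than
 * the buffer writes past the end of 'pass'. Kept only for contrast;
 * it must never be reached with untrusted input. */
int copy_password_unchecked(char *pass, lstring tmp) {
    memcpy(pass, tmp.str, tmp.l);
    pass[tmp.l] = '\0';
    return 0;
}

/* Hardened copy: refuse anything that does not leave room for the NUL. */
int copy_password_checked(char *pass, size_t pass_sz, lstring tmp) {
    if (tmp.str == NULL || tmp.l >= pass_sz)
        return -1;
    memcpy(pass, tmp.str, tmp.l);
    pass[tmp.l] = '\0';
    return 0;
}

/* Parse one field from a constructed wire format (2-byte little-endian
 * length, then the bytes). The length is checked against the packet so
 * the resulting pointer/length pair never points outside the buffer. */
int parse_lstring(const unsigned char *pkt, size_t pkt_len, lstring *out) {
    if (pkt == NULL || out == NULL || pkt_len < 2)
        return -1;
    size_t l = (size_t)pkt[0] | ((size_t)pkt[1] << 8);
    if (l > pkt_len - 2)
        return -1;                      /* length claims bytes the packet lacks */
    out->str = (const char *)pkt + 2;
    out->l   = l;
    return 0;
}

/* Full path used by the demos: parse, then copy with both checks applied.
 * Returns 0 on success, -1 on any malformed or oversized field. */
int extract_password(const unsigned char *pkt, size_t pkt_len,
                     char *pass, size_t pass_sz) {
    lstring tmp;
    if (parse_lstring(pkt, pkt_len, &tmp) != 0)
        return -1;
    return copy_password_checked(pass, pass_sz, tmp);
}

/* Constructed input 1: a well-formed 5-byte field. Returns 1 if the copy
 * succeeds and 'pass' holds "hello". */
int demo_good_copy(void) {
    const unsigned char pkt[] = { 5, 0, 'h', 'e', 'l', 'l', 'o' };
    char pass[PASS_MAX];
    if (extract_password(pkt, sizeof pkt, pass, sizeof pass) != 0)
        return 0;
    return strcmp(pass, "hello") == 0;
}

/* Constructed input 2: the length field fits the packet but exceeds
 * PASS_MAX, the exact condition the unchecked memcpy mishandles. */
int demo_oversize_rejected(void) {
    unsigned char pkt[2 + 100];
    char pass[PASS_MAX];
    pkt[0] = 100;
    pkt[1] = 0;
    memset(pkt + 2, 'A', 100);
    return extract_password(pkt, sizeof pkt, pass, sizeof pass);
}

/* Constructed input 3: the length field claims more bytes than the packet
 * carries; parsing must fail before any copy happens. */
int demo_truncated_rejected(void) {
    const unsigned char pkt[] = { 200, 0, 'a', 'b' };
    char pass[PASS_MAX];
    return extract_password(pkt, sizeof pkt, pass, sizeof pass);
}

int main(void) {
    printf("good copy ok: %d\n", demo_good_copy());
    printf("oversize rejected: %d\n", demo_oversize_rejected());
    printf("truncated rejected: %d\n", demo_truncated_rejected());
    return 0;
}
```

The two checks are deliberately separate: the parser guards the source (the length may not exceed what the packet actually carries), and the copy guards the destination (the length may not exceed the buffer minus one). Either check alone leaves one of the two overreads or overwrites possible, which is why the same length value is validated twice against two different limits.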
We recommend that all systems with this package installed be
upgraded. Please note that if you do not need the functionality
provided by this package, you may want to remove it from your
All Trustix Secure Linux updates are available from
About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers.
With focus on security and stability, the system is painlessly kept
safe and up to date from day one using swup, the automated software
Users of the SWUP tool can enjoy having updates automatically
installed using 'swup --upgrade'.
Most updates for Trustix Secure Linux are made available for public
testing some time before release.
If you want to contribute by testing the various packages in the
testing tree, please feel free to share your findings on the
The testing tree is located at
You may also use swup for public testing of updates:
class = 0
location = "http://tsldev.trustix.org/horizon/rdfs/latest.rdf"
regexp = ".*"
Check out our mailing lists:
This advisory along with all Trustix packages are signed with the
TSL sign key.
This key is available from:
The advisory itself is available from the errata pages at
or directly at
MD5sums of the packages:
Trustix Security Team