(Fedora Issues Fix for FC1) Squid ntlm_check_auth() Buffer Overflow Lets Remote Users Execute Arbitrary Code
|
|
SecurityTracker Alert ID: 1010458
|
|
SecurityTracker URL: http://securitytracker.com/id?1010458
|
|
CVE Reference: CAN-2004-0541
(Links to External Site)
|
Date: Jun 10 2004
|
Impact: Execution of arbitrary code via network, User access via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): 3.*-PRE, 2.5.*
|
Description: iDEFENSE reported a buffer overflow vulnerability in Squid in the processing of NTLM authentication messages. A remote user can execute arbitrary code on the target system.
It is reported that if the proxy is configured to use the NTLM authentication helper, a remote user can send a specially crafted
password to trigger a buffer overflow in 'helpers/ntlm_auth/SMB/libntlmssp.c' in the ntlm_check_auth() function.
The vendor was
reportedly notified on May 20, 2004.
|
Impact: A remote user can execute arbitrary code on the target system.
|
Solution: Fedora has released a fix, available at:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/
ac5bbb825c3ab5223b1b26f162f24c19
SRPMS/squid-2.5.STABLE3-2.fc1.src.rpm
28f6216478b102cbddcf6de38ea8f126 i386/squid-2.5.STABLE3-2.fc1.i386.rpm
c8fb3a9ddc44e0e8d01a092993877ed7
i386/debug/squid-debuginfo-2.5.STABLE3-2.fc1.i386.rpm
e034b4a07c0e00a285f115be6ac63cfa x86_64/squid-2.5.STABLE3-2.fc1.x86_64.rpm
6a4992a5d0244b297ddc9ca44a312541
x86_64/debug/squid-debuginfo-2.5.STABLE3-2.fc1.x86_64.rpm
|
Vendor URL: www.squid-cache.org/ (Links to External Site)
|
Cause: Boundary error
|
Underlying OS: Linux (Red Hat Fedora)
|
Underlying OS Comments: Fedora Core 1
|
Reported By: Jay Fenlason <fenlason@redhat.com>
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Wed, 9 Jun 2004 11:16:49 -0400
From: Jay Fenlason <fenlason@redhat.com>
Subject: [SECURITY] Fedora Core 1 Update: squid-2.5.STABLE3-2.fc1
|
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-163
2004-06-09
---------------------------------------------------------------------
Product : Fedora Core 1
Name : squid
Version : 2.5.STABLE3
Release : 2.fc1
Summary : The Squid proxy caching server.
Description :
Squid is a high-performance proxy caching server for Web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and especially
hot objects cached in RAM, caches DNS lookups, supports non-blocking
DNS lookups, and implements negative caching of failed requests.
Squid consists of a main server program squid, a Domain Name System
lookup program (dnsserver), a program for retrieving FTP data
(ftpget), and some management and client tools.
---------------------------------------------------------------------
* Mon Jun 07 2004 Jay Fenlason <fenlason@redhat.com>
7:2.5.STABLE3-2.fc1
- Backport patch for CAN-2004-0541: buffer overflow in ntlm auth
helper.
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/
ac5bbb825c3ab5223b1b26f162f24c19 SRPMS/squid-2.5.STABLE3-2.fc1.src.rpm
28f6216478b102cbddcf6de38ea8f126 i386/squid-2.5.STABLE3-2.fc1.i386.rpm
c8fb3a9ddc44e0e8d01a092993877ed7 i386/debug/squid-debuginfo-2.5.STABLE3-2.fc1.i386.rpm
e034b4a07c0e00a285f115be6ac63cfa x86_64/squid-2.5.STABLE3-2.fc1.x86_64.rpm
6a4992a5d0244b297ddc9ca44a312541 x86_64/debug/squid-debuginfo-2.5.STABLE3-2.fc1.x86_64.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list
|
|
