ID de Prueba:	1.3.6.1.4.1.25623.1.0.123704
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2013-0505)
Resumen:	The remote host is missing an update for the 'squid' package(s) announced via the ELSA-2013-0505 advisory.
Descripción:	Summary: The remote host is missing an update for the 'squid' package(s) announced via the ELSA-2013-0505 advisory. Vulnerability Insight: [7:3.1.10-16] - Resolves: #888198 - CVE-2012-5643: improved upstream patch [7:3.1.10-15] - Reverts: #861062 - Squid delays on FQDNs that don't contains AAAA record [7:3.1.10-14] - Resolves: #888198 - CVE-2012-5643: patch [7:3.1.10-13] - Resolves: #888198 - CVE-2012-5643: DoS (excessive resource consumption) [7:3.1.10-12] - Resolves #861062 - add configure directive --enable-internal-dns [7:3.1.10-11 ] - Resolves #861062 - Squid delays on FQDNs that don't contains AAAA record [7:3.1.10-10] - Resolves #798090 - Client timeout uses server-side 'read_timeout' - Resolves #833086 - Private md5 hash function does not comply FIPS - Resolves #782732 - Squid crashes by segfault when it reboots - Resolves #797571 - Squid userid is not added to wbpriv group - Disable strict-error-checking on account of squid-fips.patch Affected Software/OS: 'squid' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-5643 1027890 http://www.securitytracker.com/id?1027890 52024 http://secunia.com/advisories/52024 54839 http://secunia.com/advisories/54839 DSA-2631 http://www.debian.org/security/2013/dsa-2631 MDVSA-2013:129 http://www.mandriva.com/security/advisories?name=MDVSA-2013:129 RHSA-2013:0505 http://rhn.redhat.com/errata/RHSA-2013-0505.html SUSE-SU-2016:1996 http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html SUSE-SU-2016:2089 http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html USN-1713-1 http://ubuntu.com/usn/usn-1713-1 [oss-security] 20121217 Re: CVE Request -- SQUID-2012:1 / Squid: DoS (excessive resource consumption) via invalid Content-Length headers or via memory leaks http://openwall.com/lists/oss-security/2012/12/17/4 http://www.squid-cache.org/Advisories/SQUID-2012_1.txt http://www.squid-cache.org/Versions/v3/3.1/changesets/squid-3.1-10479.patch http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11714.patch https://bugs.gentoo.org/show_bug.cgi?id=447596 https://bugzilla.redhat.com/show_bug.cgi?id=887962 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0368 openSUSE-SU-2013:0162 http://lists.opensuse.org/opensuse-updates/2013-01/msg00052.html openSUSE-SU-2013:0186 http://lists.opensuse.org/opensuse-updates/2013-01/msg00075.html openSUSE-SU-2013:1436 http://lists.opensuse.org/opensuse-updates/2013-09/msg00025.html openSUSE-SU-2013:1443 http://lists.opensuse.org/opensuse-updates/2013-09/msg00032.html
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.