ID de Prueba:	1.3.6.1.4.1.25623.1.0.54227
Categoría:	Trustix Local Security Checks
Título:	Trustix Security Advisory TSLSA-2002-0031 (squid-cron)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory TSLSA-2002-0031. From the Squid advisory at http://www.squid-cache.org/Advisories/SQUID-2002_1.txt Three security issues have recently been found in the Squid-2.X releases up to and including 2.4.STABLE3. a) A memory leak in the optional SNMP interface to Squid, allowing an malicious user who can send packets to the Squid SNMP port to possibly perform an denial of service attack on the Squid proxy service if the SNMP interface has been enabled (disabled by default). b) A buffer overflow in the implementation of ftp:// URLs where users who are allowed to proxy ftp:// URLs via Squid can perform an denial of service on the proxy service, and possibly even trigger remote execution of code (not yet confirmed). c) The optional HTCP interface cannot be properly disabled from squid.conf even if the documentation claims it can. The HTCP interface to Squid is not enabled by default, but can be enabled at compile time using the --enable-htcp configure option and some vendors distribute Squid binaries with HTCP enabled. Solution: Update your system with the packages as indicated in the referenced security advisory. https://secure1.securityspace.com/smysecure/catid.html?in=TSLSA-2002-0031 Risk factor : High
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.