Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200501-25 (squid)

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.54811
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200501-25 (squid)
Summary:	The remote host is missing updates announced in;advisory GLSA 200501-25.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200501-25. Vulnerability Insight: Squid contains vulnerabilities in the code handling NTLM (NT Lan Manager), Gopher to HTML, ACLs and WCCP (Web Cache Communication Protocol) which could lead to ACL bypass, denial of service and arbitrary code execution. Solution: All Squid users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=www-proxy/squid-2.5.7-r2' CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0094 BugTraq ID: 12276 http://www.securityfocus.com/bid/12276 Conectiva Linux advisory: CLA-2005:923 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000923 Debian Security Information: DSA-651 (Google Search) http://www.debian.org/security/2005/dsa-651 http://fedoranews.org/updates/FEDORA--.shtml http://security.gentoo.org/glsa/glsa-200501-25.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:014 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11146 http://www.redhat.com/support/errata/RHSA-2005-060.html http://www.redhat.com/support/errata/RHSA-2005-061.html http://secunia.com/advisories/13825 SuSE Security Announcement: SUSE-SA:2005:006 (Google Search) http://www.novell.com/linux/security/advisories/2005_06_squid.html http://www.trustix.org/errata/2005/0003/ Common Vulnerability Exposure (CVE) ID: CVE-2005-0095 BugTraq ID: 12275 http://www.securityfocus.com/bid/12275 http://www.osvdb.org/12886 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10269 http://securitytracker.com/id?1012882 Common Vulnerability Exposure (CVE) ID: CVE-2005-0096 BugTraq ID: 12324 http://www.securityfocus.com/bid/12324 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10233 http://securitytracker.com/id?1012818 Common Vulnerability Exposure (CVE) ID: CVE-2005-0097 BugTraq ID: 12220 http://www.securityfocus.com/bid/12220 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11646 http://secunia.com/advisories/13789 Common Vulnerability Exposure (CVE) ID: CVE-2005-0194 Bugtraq: 20050221 [USN-84-1] Squid vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=110901183320453&w=2 CERT/CC vulnerability note: VU#260421 http://www.kb.cert.org/vuls/id/260421 Debian Security Information: DSA-667 (Google Search) http://www.debian.org/security/2005/dsa-667
Copyright	Copyright (C) 2008 E-Soft Inc.