Debian Security Advisory DSA 1732-1 (squid3) Network Vulnerability

Summary

The remote host is missing an update to squid3 announced via advisory DSA 1732-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201732-1

Insight

Joshua Morin, Mikko Varpiola and Jukka Taimisto discovered an assertion error in squid3, a full featured Web Proxy cache, which could lead to a denial of service attack. For the stable distribution (lenny), this problem has been fixed in version 3.0.STABLE8-3, which was already included in the lenny release. For the oldstable distribution (etch), this problem has been fixed in version 3.0.PRE5-5+etch1. For the testing distribution (squeeze) and the unstable distribution (sid), this problem has been fixed in version 3.0.STABLE8-3.

Severity

Classification

CVE CVE-2009-0478
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1073-1 (mysql-dfsg-4.1)
Debian Security Advisory DSA 1096-1 (webcalendar)
Debian Security Advisory DSA 1055-1 (mozilla-firefox)
Debian Security Advisory DSA 1066-1 (phpbb2)
Debian Security Advisory DSA 1062-1 (kphone)

Take action and discover your vulnerabilities