Debian Security Advisory DSA 809-2 (squid) Network Vulnerability

Summary

The remote host is missing an update to squid announced via advisory DSA 809-2. Certain aborted requests that trigger an assertion in squid, the popular WWW proxy cache, may allow remote attackers to cause a denial of service. This update also fixes a regression caused by DSA 751. For the oldstable distribution (woody) this problem has been fixed in version 2.4.6-2woody10.

Solution

For the stable distribution (sarge) this problem has been fixed in version 2.5.9-10sarge1. For the unstable distribution (sid) this problem has been fixed in version 2.5.10-5. We recommend that you upgrade your squid package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20809-2

Severity

Classification

CVE CVE-2005-2794
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1081-1 (libextractor)
Debian Security Advisory DSA 1041-1 (abc2ps)
Debian Security Advisory DSA 1079-1 (mysql-dfsg)
Debian Security Advisory DSA 1010-1 (ilohamail)
Debian Security Advisory DSA 109-1 (faqomatic)

Take action and discover your vulnerabilities