SuSE Update For Squid SUSE-SA:2007:012 Network Vulnerability

Impact

remote denial of service

Solution

Please Install the Updated Packages.

Insight

This update fixes a remotely exploitable denial-of-service bug in squid that can be triggered by using special ftp:// URLs. CVE-2007-0247 Additionally the 10.2 package needed a fix for another DoS bug CVE-2007-0248 and for max_user_ip handling in ntlm_auth.

Affected

squid on SUSE LINUX 10.1, openSUSE 10.2, SuSE Linux Enterprise Server 8, SUSE SLES 9, Open Enterprise Server, Novell Linux POS 9, SUSE SLED 10, SUSE SLES 10

References

http://www.novell.com/linux/security/advisories/2007_12_squid.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-0247, CVE-2007-0248
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

SLES10: Security update for gstreamer
SLES10: Security update for libxml2
SLES10: Security update for Apache 2
SLES10: Security update for audiofile
SLES10: Security update for clamav

SuSE Update for squid SUSE-SA:2007:012

Take action and discover your vulnerabilities