Debian Security Advisory DSA 1732-1 (squid3) Network Vulnerability

Summary

The remote host is missing an update to squid3 announced via advisory DSA 1732-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201732-1

Insight

Joshua Morin, Mikko Varpiola and Jukka Taimisto discovered an assertion error in squid3, a full featured Web Proxy cache, which could lead to a denial of service attack. For the stable distribution (lenny), this problem has been fixed in version 3.0.STABLE8-3, which was already included in the lenny release. For the oldstable distribution (etch), this problem has been fixed in version 3.0.PRE5-5+etch1. For the testing distribution (squeeze) and the unstable distribution (sid), this problem has been fixed in version 3.0.STABLE8-3.

Severity

Classification

CVE CVE-2009-0478

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 020-1 (php4)
Debian Security Advisory DSA 1151-1 (heartbeat)
Debian Security Advisory DSA 010-1 (gnupg)
Debian Security Advisory DSA 1066-1 (phpbb2)
Debian Security Advisory DSA 1076-1 (lynx)

Take action and discover your vulnerabilities