Debian Security Advisory DSA 3101-1 (c-icap - Security Update) Network Vulnerability

Summary

Several vulnerabilities were found in c-icap, an ICAP server implementation, which could allow a remote attacker to cause c-icap to crash, or have other, unspecified impacts.

Solution

For the stable distribution (wheezy), these problems have been fixed in version 1:0.1.6-1.1+deb7u1. For the upcoming stable distribution (jessie), these problems have been fixed in version 1:0.3.1-1. For the unstable distribution (sid), these problems have been fixed in version 1:0.3.1-1. We recommend that you upgrade your c-icap packages.

Insight

C-ICAP is an implementation of an ICAP server. It can be used with HTTP proxies that support the ICAP protocol to implement content adaptation and filtering services.

Affected

c-icap on Debian Linux

Detection

This check tests the installed software version using the apt package manager.

References

http://www.debian.org/security/2014/dsa-3101.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-7401, CVE-2013-7402

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 3101-1 (c-icap - security update)

Take action and discover your vulnerabilities