Debian Security Advisory DSA 809-2 (squid) Network Vulnerability

Summary

The remote host is missing an update to squid announced via advisory DSA 809-2. Certain aborted requests that trigger an assertion in squid, the popular WWW proxy cache, may allow remote attackers to cause a denial of service. This update also fixes a regression caused by DSA 751. For the oldstable distribution (woody) this problem has been fixed in version 2.4.6-2woody10.

Solution

For the stable distribution (sarge) this problem has been fixed in version 2.5.9-10sarge1. For the unstable distribution (sid) this problem has been fixed in version 2.5.10-5. We recommend that you upgrade your squid package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20809-2

Severity

Classification

CVE CVE-2005-2794

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1066-1 (phpbb2)
Debian Security Advisory DSA 1050-1 (clamav)
Debian Security Advisory DSA 104-1 (cipe)
Debian Security Advisory DSA 1155-1 (sendmail)
Debian Security Advisory DSA 1152-1 (trac)

Take action and discover your vulnerabilities