Gentoo Security Advisory GLSA 201110-24 (Squid) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 201110-24.

Solution

All squid users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-proxy/squid-3.1.15' NOTE: This is a legacy GLSA. Updates for all affected architectures are available since September 4, 2011. It is likely that your system is already no longer affected by this issue. http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201110-24 http://bugs.gentoo.org/show_bug.cgi?id=279379 http://bugs.gentoo.org/show_bug.cgi?id=279380 http://bugs.gentoo.org/show_bug.cgi?id=301828 http://bugs.gentoo.org/show_bug.cgi?id=334263 http://bugs.gentoo.org/show_bug.cgi?id=381065 http://bugs.gentoo.org/show_bug.cgi?id=386215

Insight

Multiple vulnerabilities were found in Squid allowing attackers to execute arbitrary code or cause a Denial of Service.

Severity

Classification

CVE CVE-2009-2621, CVE-2009-2622, CVE-2009-2855, CVE-2010-0308, CVE-2010-0639, CVE-2010-2951, CVE-2010-3072, CVE-2011-3205

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Take action and discover your vulnerabilities