SuSE Update For Squid SUSE-SA:2007:012 Network Vulnerability

Impact

remote denial of service

Solution

Please Install the Updated Packages.

Insight

This update fixes a remotely exploitable denial-of-service bug in squid that can be triggered by using special ftp:// URLs. CVE-2007-0247 Additionally the 10.2 package needed a fix for another DoS bug CVE-2007-0248 and for max_user_ip handling in ntlm_auth.

Affected

squid on SUSE LINUX 10.1, openSUSE 10.2, SuSE Linux Enterprise Server 8, SUSE SLES 9, Open Enterprise Server, Novell Linux POS 9, SUSE SLED 10, SUSE SLES 10

References

http://www.novell.com/linux/security/advisories/2007_12_squid.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-0247, CVE-2007-0248

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

SLES10: Security update for mailman
SLES10: Security update for findutils-locate
SLES10: Security update for file
SLES10: Security update for Cyrus IMAPD
SLES10: Security update for Emacs

SuSE Update for squid SUSE-SA:2007:012

Take action and discover your vulnerabilities