RHSA-2002:029: New squid packages available
Description
New squid packages are available that fix various vulnerabilities. Some of these vulnerabilities could be used to perform a denial of service (DoS) attack or allow remote users to execute code as the user squid.
Squid is a high-performance proxy caching server. Various security issues have been found in Squid up to and including version 2.4.STABLE2. These were: - a memory leak in the SNMP code - a crash on specially-formatted data in FTP URL parsing - HTCP would still be active, even if it was disabled in the config file These errata pacakges contain Squid version 2.4.STABLE3, which is not vulnerable to these issues. It is recommended that all users of Squid update to the fixed packages. Note: SNMP support is disabled in the default configuration of these packages (it was previously enabled). If you need SNMP support, edit your squid configuration and change the 'snmp_port' option; the default port for SNMP enabled-squid is 3401. Thanks go to Jouko Pynnonen for notifying us of the FTP vulnerability and to the Squid team for providing patches. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2002-0067, CAN-2002-0068, CAN-2002-0069 to these issues.
Solution(s)
- redhat-upgrade-squid
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center