● Squid Web Proxy Cache 拒绝服务漏洞 (Other,其 - 荔园在线 | 深圳大学学生论坛,荔园晨风BBS,深大在线网站

荔园之美，在春之萌芽，在夏之绽放，在秋之收获，在冬之沉淀

发信人: michaelx (水并不是这样灌的), 信区: Security
标  题: Squid Web Proxy Cache 拒绝服务漏洞 (Other,其他)
发信站: 荔园晨风BBS站 (Sat Nov 24 15:57:51 2001), 转信

Squid Web Proxy Cache 拒绝服务漏洞 (Other,其他)
涉及程序：
Squid Web Proxy Cache
描述：
构造特殊 FTP 请求导致 Squid Web Proxy Cache 拒绝服务漏洞
详细：
Squid Web Proxy Cache 是一款开放源码的代理服务器。发现它在处理对 FTP 目录的请
求时存在漏洞，攻击者构造特殊的请求将能导致代理服务器拒绝服务，只有通过重启，
服务器才能恢复正常。
受影响系统：
National Science Foundation Squid Web Proxy beta-2.4.STABLE2
National Science Foundation Squid Web Proxy 2.2STABLE5
  - S.u.S.E. Linux 6.3
  - S.u.S.E. Linux 6.3 alpha
  - S.u.S.E. Linux 6.4alpha
  - S.u.S.E. Linux 6.4ppc
  - S.u.S.E. Linux 7.0
  - S.u.S.E. Linux 7.0alpha
  - S.u.S.E. Linux 7.0ppc
  - S.u.S.E. Linux 7.0sparc
  - S.u.S.E. Linux 7.1alpha
  - S.u.S.E. Linux 7.1ppc
  - S.u.S.E. Linux 7.1sparc
  - S.u.S.E. Linux 7.1x86
National Science Foundation Squid Web Proxy 2.3STABLE5
  - MandrakeSoft Corporate Server 1.0.1
  - MandrakeSoft Linux Mandrake 7.1
  - MandrakeSoft Linux Mandrake 7.2
  - MandrakeSoft Linux Mandrake 8.0
  - MandrakeSoft Linux Mandrake 8.0 ppc
  - MandrakeSoft Single Network Firewall 7.2
National Science Foundation Squid Web Proxy 2.3STABLE4
  - Caldera OpenLinux Server 3.1
  - Immunix Immunix OS 6.2
  - Immunix Immunix OS 7.0
  - Immunix Immunix OS 7.0beta
  - MandrakeSoft Corporate Server 1.0.1
  - MandrakeSoft Linux Mandrake 7.1
  - MandrakeSoft Linux Mandrake 7.2
  - MandrakeSoft Linux Mandrake 8.0
  - MandrakeSoft Single Network Firewall 7.2
  - RedHat Linux 6.2 alpha
  - RedHat Linux 6.2 i386
  - RedHat Linux 6.2 sparc
  - RedHat Linux 7.0 alpha
  - RedHat Linux 7.0 i386
  - RedHat Linux 7.1 alpha
  - RedHat Linux 7.1 i386
  - RedHat Linux 7.1 ia64
  - S.u.S.E. Linux 6.4
  - S.u.S.E. Linux 6.4alpha
  - S.u.S.E. Linux 6.4ppc
  - S.u.S.E. Linux 7.0
  - S.u.S.E. Linux 7.0alpha
  - S.u.S.E. Linux 7.0ppc
  - S.u.S.E. Linux 7.0sparc
  - S.u.S.E. Linux 7.1alpha
  - S.u.S.E. Linux 7.1ppc
  - S.u.S.E. Linux 7.1sparc
  - S.u.S.E. Linux 7.1x86
  - S.u.S.E. Linux 7.2
  - S.u.S.E. Linux 7.3
  - Trustix Secure Linux 1.01
  - Trustix Secure Linux 1.1
  - Trustix Secure Linux 1.2
National Science Foundation Squid Web Proxy 2.3STABLE3
  - MandrakeSoft Corporate Server 1.0.1
  - MandrakeSoft Linux Mandrake 7.1
  - MandrakeSoft Linux Mandrake 7.2
  - MandrakeSoft Linux Mandrake 8.0
  - MandrakeSoft Single Network Firewall 7.2
  - RedHat Linux 7.0
  - Trustix Secure Linux 1.01
  - Trustix Secure Linux 1.1
  - Trustix Secure Linux 1.2
National Science Foundation Squid Web Proxy 2.3STABLE2
  - MandrakeSoft Corporate Server 1.0.1
  - MandrakeSoft Linux Mandrake 7.1
  - MandrakeSoft Linux Mandrake 7.2
  - MandrakeSoft Linux Mandrake 8.0
  - MandrakeSoft Single Network Firewall 7.2
  - Trustix Secure Linux 1.01
  - Trustix Secure Linux 1.1
  - Trustix Secure Linux 1.2
National Science Foundation Squid Web Proxy 2.3
National Science Foundation Squid Web Proxy 2.4STABLE1
  - MandrakeSoft Linux Mandrake 8.1
  - RedHat Linux 7.2
  - S.u.S.E. Linux 7.2
National Science Foundation Squid Web Proxy 2.4PRE-STABLE2
National Science Foundation Squid Web Proxy 2.4PRE-STABLE
National Science Foundation Squid Web Proxy 2.4DEVEL4
National Science Foundation Squid Web Proxy 2.4DEVEL2
National Science Foundation Squid Web Proxy 2.4
解决方案：
下载安装升级版本：
National Science Foundation Squid Web Proxy beta-2.4.STABLE2:
S.u.S.E. RPM 7.2 i386 squid-beta-2.4.STABLE1-85.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n2/squid-beta-2.4.STABLE1-85.i38
6.rpm
National Science Foundation Squid Web Proxy 2.2STABLE5:
S.u.S.E. RPM 6.3 alpha squid2-2.2.STABLE5-24.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.3/n1/squid2-2.2.STABLE5-24.alpha.rp
m
S.u.S.E. RPM 7.1 ppc squid2-2.2.STABLE5-191.ppc.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n2/squid2-2.2.STABLE5-191.ppc.rpm

S.u.S.E. RPM 7.0 ppc squid2-2.2.STABLE5-191.ppc.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n1/squid2-2.2.STABLE5-191.ppc.rpm

S.u.S.E. RPM 6.4 ppc squid2-2.2.STABLE5-191.ppc.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n1/squid2-2.2.STABLE5-191.ppc.rpm

S.u.S.E. RPM 7.1 i386 squid2-2.2.STABLE5-203.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.1/n2/squid2-2.2.STABLE5-203.i386.r
pm
S.u.S.E. RPM 7.0 i386 squid2-2.2.STABLE5-203.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/squid2-2.2.STABLE5-203.i386.r
pm
S.u.S.E. RPM 6.4 i386 squid2-2.2.STABLE5-203.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.4/n1/squid2-2.2.STABLE5-203.i386.r
pm
S.u.S.E. RPM 6.3 i386 squid2-2.2.STABLE5-25.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.3/n1/squid2-2.2.STABLE5-25.i386.rp
m
S.u.S.E. RPM 7.1 sparc squid2-2.2.STABLE5-199.sparc.rpm
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/n2/squid2-2.2.STABLE5-199.sparc
.rpm
S.u.S.E. RPM 7.0 sparc squid2-2.2.STABLE5-200.sparc.rpm
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n1/squid2-2.2.STABLE5-200.sparc
.rpm
S.u.S.E. RPM 7.1 alpha squid2-2.2.STABLE5-211.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/7.1/n2/squid2-2.2.STABLE5-211.alpha.r
pm
S.u.S.E. RPM 7.0 alpha squid2-2.2.STABLE5-211.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/7.0/n1/squid2-2.2.STABLE5-211.alpha.r
pm
National Science Foundation Squid Web Proxy 2.3STABLE5:
National Science Foundation Patch mkdir-only PUT patch source code
http://www.squid-cache.org/bugs/showattachment.cgi?attach_id=38
MandrakeSoft Upgrade 7.1 i586 squid-2.3.STABLE5-2.3mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
MandrakeSoft Upgrade 7.2 i586 squid-2.3.STABLE5-2.2mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
MandrakeSoft Upgrade 8.0 i586 squid-2.3.STABLE5-2.1mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
MandrakeSoft Upgrade 8.0 ppc squid-2.3.STABLE5-2.1mdk.ppc.rpm
http://www.linux-mandrake.com/en/ftp.php3
MandrakeSoft Upgrade 1.0.1 i586 squid-2.3.STABLE5-2.3mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
MandrakeSoft Upgrade snf7.2 squid-2.3.STABLE5-2.4mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
National Science Foundation Squid Web Proxy 2.3STABLE4:
National Science Foundation Patch mkdir-only PUT patch source code
http://www.squid-cache.org/bugs/showattachment.cgi?attach_id=38
RedHat Upgrade 6.2 alpha squid-2.3.STABLE4-10.6.2.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/squid-2.3.STABLE4-10.6.2.alpha.rpm
S.u.S.E. RPM 7.0 alpha squid23-2.3.STABLE4-59.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/7.0/n1/squid23-2.3.STABLE4-59.alpha.r
pm
S.u.S.E. RPM 6.4 alpha squid23-2.3.STABLE4-59.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.4/n1/squid23-2.3.STABLE4-59.alpha.r
pm
S.u.S.E. RPM 7.1 ppc squid23-2.3.STABLE4-59.ppc.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n2/squid23-2.3.STABLE4-59.ppc.rpm

S.u.S.E. RPM 7.0 ppc squid23-2.3.STABLE4-59.ppc.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n1/squid23-2.3.STABLE4-59.ppc.rpm

S.u.S.E. RPM 6.4 ppc squid23-2.3.STABLE4-59.ppc.rpm
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n1/squid23-2.3.STABLE4-59.ppc.rpm

RedHat Upgrade 6.2 i386 squid-2.3.STABLE4-10.6.2.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/squid-2.3.STABLE4-10.6.2.i386.rpm
RedHat Upgrade 6.2 sparc squid-2.3.STABLE4-10.6.2.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/squid-2.3.STABLE4-10.6.2.sparc.rpm
RedHat Upgrade 7.0 i386 squid-2.3.STABLE4-10.7.0.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/squid-2.3.STABLE4-10.7.0.i386.rpm
RedHat Upgrade 7.1 alpha squid-2.3.STABLE4-10.7.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/squid-2.3.STABLE4-10.7.1.alpha.rpm
RedHat Upgrade 7.1 i386 squid-2.3.STABLE4-10.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/squid-2.3.STABLE4-10.7.1.i386.rpm
RedHat Upgrade 7.1 ia64 squid-2.3.STABLE4-10.7.1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/squid-2.3.STABLE4-10.7.1.ia64.rpm
S.u.S.E. RPM 7.2 i386 squid-2.3.STABLE4-131.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.2/n2/squid-2.3.STABLE4-131.i386.rp
m
S.u.S.E. RPM 7.1 i386 squid23-2.3.STABLE4-57.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.1/n2/squid23-2.3.STABLE4-57.i386.r
pm
S.u.S.E. RPM 7.0 i386 squid23-2.3.STABLE4-57.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/squid23-2.3.STABLE4-57.i386.r
pm
S.u.S.E. RPM 6.4 i386 squid23-2.3.STABLE4-57.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.4/n1/squid23-2.3.STABLE4-57.i386.r
pm
S.u.S.E. RPM 7.1 sparc squid23-2.3.STABLE4-52.sparc.rpm
ftp://ftp.suse.com/pub/suse/sparc/update/7.1/n2/squid23-2.3.STABLE4-52.sparc
.rpm
S.u.S.E. RPM 7.0 sparc squid23-2.3.STABLE4-53.sparc.rpm
ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n1/squid23-2.3.STABLE4-53.sparc
.rpm
S.u.S.E. RPM 7.1 alpha squid23-2.3.STABLE4-59.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/7.1/n2/squid23-2.3.STABLE4-59.alpha.r
pm
National Science Foundation Squid Web Proxy 2.3STABLE3:
National Science Foundation Patch mkdir-only PUT patch source code
http://www.squid-cache.org/bugs/showattachment.cgi?attach_id=38
National Science Foundation Squid Web Proxy 2.3STABLE2:
National Science Foundation Patch mkdir-only PUT patch source code
http://www.squid-cache.org/bugs/showattachment.cgi?attach_id=38
National Science Foundation Squid Web Proxy 2.3:
National Science Foundation Patch mkdir-only PUT patch source code
http://www.squid-cache.org/bugs/showattachment.cgi?attach_id=38
National Science Foundation Squid Web Proxy 2.4STABLE1:
National Science Foundation Patch mkdir-only PUT patch source code
http://www.squid-cache.org/bugs/showattachment.cgi?attach_id=38
MandrakeSoft Upgrade 8.1 i586 squid-2.4.STABLE1-8.1mdk.i586.rpm
http://www.linux-mandrake.com/en/ftp.php3
RedHat Upgrade 7.2 i386 squid-2.4.STABLE1-6.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/squid-2.4.STABLE1-6.i386.rpm
National Science Foundation Squid Web Proxy 2.4PRE-STABLE2:
National Science Foundation Patch mkdir-only PUT patch source code
http://www.squid-cache.org/bugs/showattachment.cgi?attach_id=38
National Science Foundation Squid Web Proxy 2.4PRE-STABLE:
National Science Foundation Patch mkdir-only PUT patch source code
http://www.squid-cache.org/bugs/showattachment.cgi?attach_id=38
National Science Foundation Squid Web Proxy 2.4DEVEL4:
National Science Foundation Patch mkdir-only PUT patch source code
http://www.squid-cache.org/bugs/showattachment.cgi?attach_id=38
National Science Foundation Squid Web Proxy 2.4DEVEL2:
National Science Foundation Patch mkdir-only PUT patch source code
http://www.squid-cache.org/bugs/showattachment.cgi?attach_id=38
National Science Foundation Squid Web Proxy 2.4:
National Science Foundation Patch mkdir-only PUT patch source code
http://www.squid-cache.org/bugs/showattachment.cgi?attach_id=38

--
M.X的FTP SERVER
ftp://192.168.55.18

※ 来源:·荔园晨风BBS站 bbs.szu.edu.cn·[FROM: 203.93.19.1]

荔园在线首页友情链接：深圳大学深大招生荔园晨风BBS S-Term软件网络书店