Squid Cache FTP Proxy URL Buffer Overflow Vulnerability

Published: 2002-02-21
Updated: 2002-02-25

Affected systems:
National Science Foundation Squid Web Proxy 2.4STABLE3
National Science Foundation Squid Web Proxy 2.4STABLE2
National Science Foundation Squid Web Proxy 2.4STABLE1
National Science Foundation Squid Web Proxy 2.4
National Science Foundation Squid Web Proxy 2.3STABLE5
National Science Foundation Squid Web Proxy 2.3
National Science Foundation Squid Web Proxy 2.2
National Science Foundation Squid Web Proxy 2.1
National Science Foundation Squid Web Proxy 2.0
Unaffected systems:
National Science Foundation Squid Web Proxy 2.4STABLE4
Description:
BUGTRAQ  ID: 4148
CVE(CAN) ID: CVE-2002-0068

Squid is a web caching proxy that runs on Linux/Unix systems.

The Squid FTP proxy code contains a buffer overflow in its handling of FTP URLs. A remote attacker could exploit this vulnerability to mount a denial-of-service attack against the server process.

By sending a specially crafted ftp:// URL to the Squid server, an attacker can crash the server process, which then has to be restarted by hand before service resumes. The vulnerability could also allow arbitrary instructions to be executed on the server with the privileges of the Squid process.

<*Source: Jouko Pynnonen (jouko@solutions.fi)
         Henrik Nordstrom (hno@squid-cache.org)
  
  Links: http://archives.neohapsis.com/archives/bugtraq/2002-02/0230.html
         http://www.squid-cache.org/Advisories/SQUID-2002_1.txt
        ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc
        http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000464
        https://www.redhat.com/support/errata/RHSA-2002-029.html
        http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016-1.php
        http://www.trustix.net/errata/misc/2002/TSL-2002-0031-squid.asc.txt
*>

Recommendations:
Temporary workaround:

If you cannot install the patch or upgrade immediately, NSFOCUS recommends the following measures to reduce the risk:

* Deny FTP URLs that carry a username (non-anonymous FTP) through the Squid proxy, by adding the following two lines at the top of squid.conf:

acl non-anonymous-ftp url_regex -i ^ftp://[^/@]*@
http_access deny non-anonymous-ftp
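The ACL above relies on a single regular expression, so it is worth checking exactly which URLs it will deny before deploying it (clients that legitimately use authenticated FTP through the proxy will start receiving 403s). The following script is an added example, not code from NSFOCUS or the Squid project: it applies the same pattern, with the case-insensitive semantics of `url_regex -i`, to URLs pulled from Squid's native access.log layout, so you can see which recent requests the rule would have blocked. The log lines are constructed for the example and the field layout (timestamp, elapsed, client, code/status, bytes, method, URL, ...) is Squid's native format.

```python
import re
from typing import List, Optional, Tuple

# Same pattern as the squid.conf ACL in the workaround; "url_regex -i" is
# case-insensitive, and the pattern is anchored only at the start of the URL.
NON_ANON_FTP = re.compile(r"^ftp://[^/@]*@", re.IGNORECASE)


def is_non_anonymous_ftp(url: str) -> bool:
    """True when the URL would match the non-anonymous-ftp ACL.

    The character class [^/@]* means only an '@' that appears before the first
    '/' after the scheme counts, i.e. a user (or user:password) part in the
    authority. An '@' inside the path does not match.
    """
    return NON_ANON_FTP.search(url) is not None


def parse_squid_line(line: str) -> Optional[Tuple[str, str]]:
    """Return (client_ip, url) from a native-format access.log line, or None.

    Native layout: timestamp elapsed client code/status bytes method URL ident hierarchy type
    """
    fields = line.split()
    if len(fields) < 7:
        return None
    return fields[2], fields[6]


def find_non_anonymous_ftp(log_text: str) -> List[Tuple[str, str]]:
    """List (client_ip, url) for every request the ACL would deny."""
    hits = []
    for line in log_text.splitlines():
        parsed = parse_squid_line(line)
        if parsed is None:
            continue
        client, url = parsed
        if is_non_anonymous_ftp(url):
            hits.append((client, url))
    return hits


# Constructed sample lines (not real traffic) in Squid's native access.log layout.
SAMPLE_LOG = """\
1014300001.123    45 10.0.0.5 TCP_MISS/200 1024 GET ftp://ftp.example.org/pub/README - DIRECT/ftp.example.org text/plain
1014300002.456    12 10.0.0.7 TCP_MISS/200 812 GET ftp://alice@ftp.example.org/private/ - DIRECT/ftp.example.org text/html
1014300003.789    30 10.0.0.9 TCP_MISS/200 2048 GET FTP://BOB:secret@ftp.example.net/x - DIRECT/ftp.example.net text/plain
1014300004.000    20 10.0.0.5 TCP_MISS/200 512 GET ftp://ftp.example.org/dir/file@v2.txt - DIRECT/ftp.example.org text/plain
1014300005.000    20 10.0.0.8 TCP_MISS/200 300 GET http://user@www.example.org/ - DIRECT/www.example.org text/html
"""


if __name__ == "__main__":
    for client, url in find_non_anonymous_ftp(SAMPLE_LOG):
        print(f"would be denied: client={client} url={url}")
```

Running it against the sample shows two requests denied (the `alice@` and the upper-case `FTP://BOB:secret@` URLs) and three allowed: anonymous FTP, an FTP path that merely contains `@` after the first `/`, and an HTTP URL with a username, which the ACL does not touch. Pointing the script at a real access.log before enabling the rule tells you which clients will be affected; the workaround only narrows the exposure, and the vendor packages below are the actual fix.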

Vendor patches:

Conectiva
---------
Conectiva has released security advisory CLA-2002:464 with a corresponding patch:
CLA-2002:464: squid
Link:

Patch download:

ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/squid-2.3.5-1U50_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/squid-2.3.5-1U50_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/squid-2.3.5-1U51_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/squid-2.3.5-1U51_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/squid-2.3.5-1U60_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/squid-2.3.5-1U60_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/squid-2.4.1-4U70_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/squid-templates-2.4.1-4U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/squid-doc-2.4.1-4U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/squid-auth-2.4.1-4U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/squid-2.4.1-4U70_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/squid-2.3.5-1U50_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/squid-2.3.5-1U50_1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/squid-2.3.5-1U50_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/squid-2.3.5-1U50_1cl.i386.rpm

FreeBSD
-------
FreeBSD has released security advisory FreeBSD-SA-02:12 with a corresponding patch:
FreeBSD-SA-02:12: multiple security vulnerabilities in squid port
Link: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:12.squid.asc

Patch download:

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/www/squid-2.4_8.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/www/squid-2.4_8.tgz

MandrakeSoft
------------
MandrakeSoft has released security advisory MDKSA-2002:016-1 with a corresponding patch:
MDKSA-2002:016-1: squid
Link: http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-016-1.php3

Patch download:

_______________________________________________________________________

Updated Packages:

Linux-Mandrake 7.1:
60bb70afa95f2b43727bc8c9794fb0f9  7.1/RPMS/squid-2.4.STABLE4-1.5mdk.i586.rpm
a46c4bf51883fcfee529de2812f55458  7.1/SRPMS/squid-2.4.STABLE4-1.5mdk.src.rpm

Linux-Mandrake 7.2:
0c3cfdf038650a8c85e703c8859df8d7  7.2/RPMS/squid-2.4.STABLE4-1.5mdk.i586.rpm
a46c4bf51883fcfee529de2812f55458  7.2/SRPMS/squid-2.4.STABLE4-1.5mdk.src.rpm

Mandrake Linux 8.0:
174eaf577cfde553ee0b8eb301792cba  8.0/RPMS/squid-2.4.STABLE4-1.6mdk.i586.rpm
e1d0df4fe930669e3ba12b90caefeca3  8.0/SRPMS/squid-2.4.STABLE4-1.6mdk.src.rpm

Mandrake Linux 8.0/ppc:
375ecbfec5947e9f47be3ada5084fc88  ppc/8.0/RPMS/squid-2.4.STABLE4-1.6mdk.ppc.rpm
e1d0df4fe930669e3ba12b90caefeca3  ppc/8.0/SRPMS/squid-2.4.STABLE4-1.6mdk.src.rpm

Corporate Server 1.0.1:
60bb70afa95f2b43727bc8c9794fb0f9  1.0.1/RPMS/squid-2.4.STABLE4-1.5mdk.i586.rpm
a46c4bf51883fcfee529de2812f55458  1.0.1/SRPMS/squid-2.4.STABLE4-1.5mdk.src.rpm

Single Network Firewall 7.2:
0c3cfdf038650a8c85e703c8859df8d7  snf7.2/RPMS/squid-2.4.STABLE4-1.5mdk.i586.rpm
a46c4bf51883fcfee529de2812f55458  snf7.2/SRPMS/squid-2.4.STABLE4-1.5mdk.src.rpm
________________________________________________________________________

The updated packages above can be downloaded from any of the mirror FTP servers listed at:
http://www.mandrakesecure.net/en/ftp.php

RedHat
------
RedHat has released security advisory RHSA-2002:029-09 with a corresponding patch:
RHSA-2002:029-09: New squid packages available
Link: https://www.redhat.com/support/errata/RHSA-2002-029.html

Patch download:

Red Hat Linux 6.2:

SRPMS:
ftp://updates.redhat.com/6.2/en/os/SRPMS/squid-2.4.STABLE3-1.6.2.src.rpm

alpha:
ftp://updates.redhat.com/6.2/en/os/alpha/squid-2.4.STABLE3-1.6.2.alpha.rpm

i386:
ftp://updates.redhat.com/6.2/en/os/i386/squid-2.4.STABLE3-1.6.2.i386.rpm

sparc:
ftp://updates.redhat.com/6.2/en/os/sparc/squid-2.4.STABLE3-1.6.2.sparc.rpm

Red Hat Linux 7.0:

SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/squid-2.4.STABLE3-1.7.0.src.rpm

alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/squid-2.4.STABLE3-1.7.0.alpha.rpm

i386:
ftp://updates.redhat.com/7.0/en/os/i386/squid-2.4.STABLE3-1.7.0.i386.rpm

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/squid-2.4.STABLE3-1.7.1.src.rpm

alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/squid-2.4.STABLE3-1.7.1.alpha.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/squid-2.4.STABLE3-1.7.1.i386.rpm

ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/squid-2.4.STABLE3-1.7.1.ia64.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/squid-2.4.STABLE3-1.7.2.src.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/squid-2.4.STABLE3-1.7.2.i386.rpm

ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/squid-2.4.STABLE3-1.7.2.ia64.rpm

Trustix
-------
Trustix has released security advisory TSLSA-2002-0031 with a corresponding patch:
TSLSA-2002-0031: squid-cron
Link: http://www.trustix.net/errata/misc/2002/TSL-2002-0031-squid.asc.txt

Patch download:

http://www.trustix.net/pub/Trustix/updates/squid-2.4.STABLE4-1tr.i586.rpm

Squid
-----
Squid has released security advisory SQUID-2002:1 with a corresponding patch:
SQUID-2002:1: Security advisory regarding three issues in most Squid-2.x versions up to and including Squid-2.4.STABLE3
Link: http://www.squid-cache.org/Advisories/SQUID-2002_1.txt

Patch download:

The security issue has been fixed in the new software release:
ftp://ftp.squid-cache.org/pub/squid-2/STABLE/
http://www.squid-cache.org/Versions/v2/2.4/

This vulnerability report was translated and compiled by NSFOCUS. All rights reserved; reproduction without permission is prohibited.