安全研究

安全漏洞
Squid处理WCCP消息远程拒绝服务漏洞

发布日期:2005-01-13
更新日期:2005-02-04

受影响系统:
Squid Web Proxy Cache 2.5 STABLE7
描述:
BUGTRAQ  ID: 12275
CVE(CAN) ID: CVE-2005-0095

Squid是一个高效的Web缓存及代理程序,Squid最初是为Unix平台开发的,现在也被移植到Linux和大多数的Unix类系统中,最新的Squid可以运行在Windows平台下。

Squid处理WCCP消息存在问题,远程攻击者可以利用这个漏洞使Squid服务崩溃。

供应商报告远程用户可以发送特殊构建的把'number of caches'字段设置为1-32之外值的WCCP_I_SEE_YOU包,并伪造地址,如果Squid启用的情况下,Squid就会崩溃。

<*来源:Squid (squidsecurity@hushmail.com
  
  链接:http://www.securitytracker.com/alerts/2005/Jan/1012882.html
        http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000923
        http://www.debian.org/security/2005/dsa-651
        http://www.linux-mandrake.com/en/security/2005/2005-014.php
*>

建议:
厂商补丁:

Conectiva
---------
Conectiva已经为此发布了一个安全公告(CLA-2005:923)以及相应补丁:
CLA-2005:923:squid
链接:http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000923

补丁下载:

ftp://atualizacoes.conectiva.com.br/10/SRPMS/squid-2.5.5-63116U10_6cl.src.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/squid-2.5.5-63116U10_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/squid-auth-2.5.5-63116U10_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/10/RPMS/squid-extra-templates-2.5.5-63116U10_6cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/SRPMS/squid-2.5.5-25761U90_9cl.src.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/squid-2.5.5-25761U90_9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/squid-auth-2.5.5-25761U90_9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/squid-extra-templates-2.5.5-25761U90_9cl.i386.rpm

Debian
------
Debian已经为此发布了一个安全公告(DSA-651-1)以及相应补丁:
DSA-651-1:New squid packages fix denial of service
链接:http://www.debian.org/security/2002/dsa-651

补丁下载:
Source archives:

http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody5.dsc
Size/MD5 checksum:      612 69bd41324bb88cc4a76fcacba1f6cb9b
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody5.diff.gz
Size/MD5 checksum:   227846 52f6d82e486f23dba4240260dc64ea57
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6.orig.tar.gz
Size/MD5 checksum:  1081920 59ce2c58da189626d77e27b9702ca228

Alpha architecture:

http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody5_alpha.deb
Size/MD5 checksum:   814804 684a7a602a7dce53d3e2d5ea526cdfeb
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody5_alpha.deb
Size/MD5 checksum:    75340 061412b8ca998b1ae5a7c576eac51425
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody5_alpha.deb
Size/MD5 checksum:    60094 8ecf3345226d4023c661cb5950929d5c

ARM architecture:

http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody5_arm.deb
Size/MD5 checksum:   725286 b9103ba40dfcc47200b971a0ad123bb9
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody5_arm.deb
Size/MD5 checksum:    73116 fe083c2e4e65e0bcff82b42c292f9c69
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody5_arm.deb
Size/MD5 checksum:    58444 225728ea1d83a4f999cbcd1cbc918471

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody5_i386.deb
Size/MD5 checksum:   684376 bd4f50309316282ffdf9012e6a051349
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody5_i386.deb
Size/MD5 checksum:    72850 f0f790e828a53ae94406c68d8c386ac7
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody5_i386.deb
Size/MD5 checksum:    58014 9f2e5d189aa0df9d01d47c6870ca25f9

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody5_ia64.deb
Size/MD5 checksum:   953366 146cb3cfadbb09b473289462fcb85c4e
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody5_ia64.deb
Size/MD5 checksum:    79224 6a83889272e28d86602d86358929196b
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody5_ia64.deb
Size/MD5 checksum:    62766 6b48ca53c8bc2f0972a1b4653d04fa54

HP Precision architecture:

http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody5_hppa.deb
Size/MD5 checksum:   779204 684c9f7e7b7bd4abda5eda0890974951
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody5_hppa.deb
Size/MD5 checksum:    74562 861f28d3d058c56d620ce557b488780f
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody5_hppa.deb
Size/MD5 checksum:    59574 16d03b269cb3d067cd6129b9bf1eccdc

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody5_m68k.deb
Size/MD5 checksum:   665532 da4701e4506c91a7297ebe41314d88cd
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody5_m68k.deb
Size/MD5 checksum:    72460 3ad96b1dc107bbaafd67592f8477bab4
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody5_m68k.deb
Size/MD5 checksum:    57678 0202dafa52ea24eb34c3d477459ad287

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody5_mips.deb
Size/MD5 checksum:   764854 c97c148f54c9d80e9d3d6c127894813b
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody5_mips.deb
Size/MD5 checksum:    74028 d49e9634ed353d8b713f4d80de731b61
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody5_mips.deb
Size/MD5 checksum:    58730 762b4bb651f8531208db4cd941a06560

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody5_mipsel.deb
Size/MD5 checksum:   764702 d134fdcf4916a521147f94837e2e544e
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody5_mipsel.deb
Size/MD5 checksum:    74118 9bdfc6bc5e7f752df213cdffb197f877
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody5_mipsel.deb
Size/MD5 checksum:    58838 edc757de19a59274fcb2a3d32791dcc0

PowerPC architecture:

http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody5_powerpc.deb
Size/MD5 checksum:   722068 9c18747e4a7e6b15c05ab547efc59993
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody5_powerpc.deb
Size/MD5 checksum:    73100 7af618b2b8b1e225af2631a07da615d8
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody5_powerpc.deb
Size/MD5 checksum:    58322 23f79cf266df794a375ba75b2a973026

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody5_s390.deb
Size/MD5 checksum:   711584 f750ce9dd12460574b2c69031d3933bf
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody5_s390.deb
Size/MD5 checksum:    73442 e9a485219baaec097b7d432ba4ea8a26
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody5_s390.deb
Size/MD5 checksum:    58876 4ab64ae10b353e69facfcc59fa6fa0ab

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody5_sparc.deb
Size/MD5 checksum:   724314 d4af1a337ee603d7b1039f132996b0bf
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody5_sparc.deb
Size/MD5 checksum:    75728 9974f32b84edb4969c9216742e9c9f73
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody5_sparc.deb
Size/MD5 checksum:    60762 a7aad73eabef840dd648ef058dc852d5





补丁安装方法:

1. 手工安装补丁包:

  首先,使用下面的命令来下载补丁软件:
  # wget url  (url是补丁下载链接地址)

  然后,使用下面的命令来安装补丁:  
  # dpkg -i file.deb (file是相应的补丁名)

2. 使用apt-get自动安装补丁包:

   首先,使用下面的命令更新内部数据库:
   # apt-get update
  
   然后,使用下面的命令安装更新软件包:
   # apt-get upgrade

MandrakeSoft
------------
MandrakeSoft已经为此发布了一个安全公告(MDKSA-2005:014)以及相应补丁:
MDKSA-2005:014:Updated squid packages fix
链接:http://www.linux-mandrake.com/en/security/2005/2005-014.php

补丁下载:
Updated Packages:

Mandrakelinux 10.0:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/10.0/RPMS/squid-2.5.STABLE4-2.3.100mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/10.0/SRPMS/squid-2.5.STABLE4-2.3.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/10.0/RPMS/squid-2.5.STABLE4-2.3.100mdk.amd64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/amd64/10.0/SRPMS/squid-2.5.STABLE4-2.3.100mdk.src.rpm

Mandrakelinux 10.1:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/10.1/RPMS/squid-2.5.STABLE6-2.2.101mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/10.1/SRPMS/squid-2.5.STABLE6-2.2.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/10.1/RPMS/squid-2.5.STABLE6-2.2.101mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/10.1/SRPMS/squid-2.5.STABLE6-2.2.101mdk.src.rpm

Corporate Server 2.1:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/squid-2.4.STABLE7-2.3.C21mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/SRPMS/squid-2.4.STABLE7-2.3.C21mdk.src.rpm

Corporate Server 2.1/x86_64:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/RPMS/squid-2.4.STABLE7-2.3.C21mdk.x86_64.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/x86_64/corporate/2.1/SRPMS/squid-2.4.STABLE7-2.3.C21mdk.src.rpm

Corporate Server 3.0:

上述升级软件还可以在下列地址中的任意一个镜像ftp服务器上下载:
http://www.mandrakesecure.net/en/ftp.php

Squid
-----
http://www.debian.org/security/2005/dsa-651

浏览次数:3432
严重程度:1(网友投票)
本安全漏洞由绿盟科技翻译整理,版权所有,未经许可,不得转载
绿盟科技给您安全的保障