exploits , vulnerabilities , articles , Squid Proxy Cache Update Reply Processing Remote Denial of Service Vulnerability

Title	Squid Proxy Cache Update Reply Processing Remote Denial of Service Vulnerability
Published	2007-11-27-12:00AM
Updated	2008-02-05-10:56PM
Class	Boundary Condition Error
CVE	CVE-2007-6239
Remote	Yes
Local	No
Credit	The vendor credits Wikimedia Foundation for identifying this issue.
Vulnerable	Ubuntu Ubuntu Linux 7.10 sparc Ubuntu Ubuntu Linux 7.10 powerpc Ubuntu Ubuntu Linux 7.10 i386 Ubuntu Ubuntu Linux 7.10 amd64 Ubuntu Ubuntu Linux 7.04 sparc Ubuntu Ubuntu Linux 7.04 powerpc Ubuntu Ubuntu Linux 7.04 i386 Ubuntu Ubuntu Linux 7.04 amd64 Ubuntu Ubuntu Linux 6.10 sparc Ubuntu Ubuntu Linux 6.10 powerpc Ubuntu Ubuntu Linux 6.10 i386 Ubuntu Ubuntu Linux 6.10 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 Turbolinux Turbolinux Server 10.0 Turbolinux Turbolinux Server 11 x64 Turbolinux Turbolinux Server 11 Turbolinux Turbolinux Server 10.0.0 x64 Turbolinux Appliance Server Workgroup Edition 1.0 Turbolinux Appliance Server Hosting Edition 1.0 Turbolinux Appliance Server 1.0 Workgroup Edition Turbolinux Appliance Server 1.0 Hosting Edition Turbolinux Appliance Server 2.0 Squid Web Proxy Cache 3.0 PRE3 Squid Web Proxy Cache 3.0 PRE2 Squid Web Proxy Cache 3.0 PRE1 Squid Web Proxy Cache 3.0 Squid Web Proxy Cache 2.5 .STABLE9 Squid Web Proxy Cache 2.5 .STABLE8 Squid Web Proxy Cache 2.5 .STABLE7 Conectiva Linux 10.0 Conectiva Linux 9.0 Gentoo Linux RedHat Fedora Core3 RedHat Fedora Core2 Squid Web Proxy Cache 2.5 .STABLE6 MandrakeSoft Linux Mandrake 10.1 x86_64 S.u.S.E. Linux Personal 9.2 x86_64 S.u.S.E. Linux Personal 9.2 Turbolinux Appliance Server 1.0 Workgroup Edition Turbolinux Appliance Server 1.0 Hosting Edition Turbolinux Appliance Server Hosting Edition 1.0 Turbolinux Appliance Server Workgroup Edition 1.0 Turbolinux Turbolinux Server 10.0 Turbolinux Turbolinux Server 8.0 Turbolinux Turbolinux Server 7.0 Turbolinux Turbolinux Workstation 8.0 Turbolinux Turbolinux Workstation 7.0 Squid Web Proxy Cache 2.5 .STABLE5 Squid Web Proxy Cache 2.5 .STABLE4 MandrakeSoft Corporate Server 3.0 MandrakeSoft Linux Mandrake 10.0 AMD64 MandrakeSoft Linux Mandrake 10.0 OpenPKG OpenPKG 2.0 OpenPKG OpenPKG Current Squid Web Proxy Cache 2.5 .STABLE3 MandrakeSoft Linux Mandrake 9.2 amd64 MandrakeSoft Linux Mandrake 9.2 OpenPKG OpenPKG 1.3 RedHat Desktop 3.0 RedHat Enterprise Linux AS 3 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux WS 3 RedHat Fedora Core1 S.u.S.E. Linux Personal 9.0 x86_64 S.u.S.E. Linux Personal 9.0 Squid Web Proxy Cache 2.5 .STABLE10 Squid Web Proxy Cache 2.5 .STABLE10 Squid Web Proxy Cache 2.5 .STABLE1 Squid Web Proxy Cache 2.4 .STABLE7 MandrakeSoft Corporate Server 2.1 x86_64 MandrakeSoft Corporate Server 2.1 MandrakeSoft Multi Network Firewall 2.0 RedHat Enterprise Linux AS 2.1 IA64 RedHat Enterprise Linux AS 2.1 RedHat Enterprise Linux ES 2.1 IA64 RedHat Enterprise Linux ES 2.1 RedHat Enterprise Linux WS 2.1 IA64 RedHat Enterprise Linux WS 2.1 RedHat Linux Advanced Work Station 2.1 Squid Web Proxy Cache 2.4 .STABLE6 Squid Web Proxy Cache 2.4 .STABLE4 Squid Web Proxy Cache 2.4 .STABLE2 Squid Web Proxy Cache 2.4 Squid Web Proxy Cache 2.3 .STABLE5 Squid Web Proxy Cache 2.3 .STABLE4 Squid Web Proxy Cache 2.1 PATCH2 Squid Web Proxy Cache 2.0 PATCH2 Squid Web Proxy Cache 2.6.STABLE7 Squid Web Proxy Cache 2.6.STABLE6 Squid Web Proxy Cache 2.6.STABLE5 Squid Web Proxy Cache 2.6.STABLE4 Squid Web Proxy Cache 2.6.STABLE3 Squid Web Proxy Cache 2.6.STABLE2 Squid Web Proxy Cache 2.6.STABLE16 Squid Web Proxy Cache 2.6.STABLE15 Squid Web Proxy Cache 2.6.STABLE14 Squid Web Proxy Cache 2.6.STABLE13 Squid Web Proxy Cache 2.6.STABLE12 Squid Web Proxy Cache 2.6.STABLE1 Squid Web Proxy Cache 2.6 Squid Web Proxy Cache 2.5.STABLE14 Squid Web Proxy Cache 2.5.STABLE13 Squid Web Proxy Cache 2.5.STABLE12 Squid Web Proxy Cache 2.5.STABLE11 S.u.S.E. openSUSE 10.3 S.u.S.E. openSUSE 10.2 S.u.S.E. Linux 10.1 x8664 S.u.S.E. Linux 10.1 x86 S.u.S.E. Linux 10.1 ppc S.u.S.E. Linux 10.0 x8664 S.u.S.E. Linux 10.0 x86 S.u.S.E. Linux 10.0 ppc RedHat Fedora 8 0 RedHat Fedora 7 0 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux WS 2.1 IA64 RedHat Enterprise Linux WS 2.1 RedHat Enterprise Linux ES 4.6.z RedHat Enterprise Linux ES 4.5.z RedHat Enterprise Linux ES 4 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux ES 2.1 IA64 RedHat Enterprise Linux ES 2.1 RedHat Enterprise Linux Desktop Workstation 5 client RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux AS 4.6.z RedHat Enterprise Linux AS 4.5.z RedHat Enterprise Linux AS 4 RedHat Enterprise Linux AS 3 RedHat Enterprise Linux AS 2.1 IA64 RedHat Enterprise Linux AS 2.1 RedHat Enterprise Linux 5 server RedHat Desktop 4.0 RedHat Desktop 3.0 RedHat Advanced Workstation for the Itanium Processor 2.1 IA64 RedHat Advanced Workstation for the Itanium Processor 2.1 MandrakeSoft Multi Network Firewall 2.0 MandrakeSoft Linux Mandrake 2008.0 x86_64 MandrakeSoft Linux Mandrake 2008.0 MandrakeSoft Linux Mandrake 2007.1 x86_64 MandrakeSoft Linux Mandrake 2007.1 MandrakeSoft Linux Mandrake 2007.0 x86_64 MandrakeSoft Linux Mandrake 2007.0 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 4.0 Gentoo Linux Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia64 Debian Linux 4.0 ia32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0
Not Vulnerable	Squid Web Proxy Cache 2.6.STABLE17
Code	To exploit this issue, an attacker may use readily available networking tools.
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-12-15 Adobe Reader and Acrobat (CVE-2009-4324) Remote Code Execution Vulnerability
• 2009-12-14 Microsoft Protected Extensible Authentication Protocol Authentication Bypass Vulnerability
• 2009-12-14 Google Chrome DNS Pre-Fetching Proxy Cache Information Disclosure Vulnerability
• 2009-12-14 Oracle E-Business Suite Multiple Remote Vulnerabilities
• 2009-12-14 MySQL Multiple Remote Denial Of Service Vulnerabilities
• 2009-12-14 Digital Scribe Multiple SQL Injection Vulnerabilities
• 2009-12-14 Microsoft WordPad and Office Text Converters Word 97 File Parsing Memory Corruption Vulnerability
• 2009-12-14 Microsoft Protected Extensible Authentication Protocol Memory Corruption Vulnerability
• 2009-12-14 WebKit Web Inspector Cross Site Scripting Vulnerability
• 2009-12-11 Symantec Veritas VRTSweb Incoming Data Remote Code Execution Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Tue, 15 Dec 2009 13:55:18 +0000