Oval Definition:	oval:com.redhat.rhsa:def:20050766
Revision Date: 2005-09-15 Version: 502 Title: RHSA-2005:766: squid security update (Important) Description: Squid is a full-featured Web proxy cache. A bug was found in the way Squid displays error messages. A remote attacker could submit a request containing an invalid hostname which would result in Squid displaying a previously used error message. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-2479 to this issue. Two denial of service bugs were found in the way Squid handles malformed requests. A remote attacker could submit a specially crafted request to Squid that would cause the server to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-2794 and CAN-2005-2796 to these issues. Please note that CAN-2005-2796 does not affect Red Hat Enterprise Linux 2.1 Users of Squid should upgrade to this updated package that contains backported patches, and is not vulnerable to these issues. Family: unix Class: patch Status: Reference(s): CVE-2004-2479 CVE-2005-2794 CVE-2005-2796 RHSA-2005:766-01 Platform(s): Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Product(s): Definition Synopsis Release Information Red Hat Enterprise Linux 3 is installed AND squid is earlier than 7:2.5.STABLE3-6.3E.14 AND squid is signed with Red Hat master key OR Package Information Red Hat Enterprise Linux 4 is installed AND squid is earlier than 7:2.5.STABLE6-3.4E.11 AND squid is signed with Red Hat master key
BACK