__________________________________________________________________
Squid Proxy Cache Security Update Advisory SQUID-2005:5
__________________________________________________________________
Advisory ID: SQUID-2005:5
Date: April 23, 2005
Summary: HTTP Response Splitting Vulnerabilities
Affected versions: Squid 2.5.STABLE7 and earlier
__________________________________________________________________
/Advisories/SQUID-2005_5.txt
__________________________________________________________________
Problem Description:
Squid is susceptible to a class of attacks known as "HTTP Response
Splitting." These attacks involve tricking servers into sending
malformed or unexpected HTTP responses by exploiting weaknesses
in input validation on dynamic pages. This may in some situations
lead to cache poisoning.
__________________________________________________________________
Severity:
This problem is serious because it allows a determined attacker
with control over a client to poison Squid's cache on sites
where this attack is possible.
However, the major aspects of this problem are easily fixed by
disabling (at least temporarily) HTTP persistent connections,
as Squid already has several built-in sanity checks against this
type of attack.
Due to the nature of this attack it is impossible to fully cover
all aspects at the proxy. With the changes introduced, however,
exploiting this weakness of HTTP servers via a Squid proxy is
considerably harder and will, with a very high probability, leave
visible traces in cache.log of the Squid server, making it easier
to detect any such activity on your network.
__________________________________________________________________
Collateral Damage:
After closing these vulnerabilities, Squid will emit warnings
on certain web sites sending oversized responses without an
attack actually taking place.
__________________________________________________________________
Updated Packages:
This bug is fixed by Squid version 2.5.STABLE8
In addition, two patches addressing different aspects of this
problem can be found in our patch archive for version
Squid-2.5.STABLE7:
/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting
/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-oversize_reply_headers
These patches depend on the header_parsing patch mentioned in
Squid Advisory SQUID-2005:4
/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-header_parsing
If you are using a prepackaged version of Squid then please refer
to the package vendor for availability information on updated
packages.
__________________________________________________________________
Determining if your version is vulnerable:
Squid versions up to, and including, 2.5.STABLE7 are vulnerable.
__________________________________________________________________
Workarounds:
The simplest workaround is to disable HTTP persistent connections.
Add these lines to your squid.conf:
client_persistent_connections off
server_persistent_connections off
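An added example, not part of the Squid advisory or the Squid code base: a small audit that reports whether a squid.conf applies the workaround above. It assumes that a directive absent from the file keeps a default of on and that a repeated directive overrides an earlier one; the function names and the sample configuration are constructed for illustration.

```python
# Added example: audit squid.conf text for the SQUID-2005:5 workaround.
DIRECTIVES = ("client_persistent_connections", "server_persistent_connections")

# Constructed sample: the client side is disabled, but a later line
# re-enables server-side persistent connections.
SAMPLE_CONF = """\
# constructed sample squid.conf fragment
http_port 3128
#client_persistent_connections off
client_persistent_connections off
server_persistent_connections off
server_persistent_connections on
"""


def effective_settings(conf_text):
    """Return the effective value of each workaround directive."""
    # Assumption: a directive that never appears keeps its default of "on".
    settings = {name: "on" for name in DIRECTIVES}
    for raw in conf_text.splitlines():
        # Ignore comment lines and anything following a '#'.
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        if parts[0] in DIRECTIVES and len(parts) >= 2:
            # Assumption: a repeated directive overrides the earlier one.
            settings[parts[0]] = parts[1].lower()
    return settings


def missing_workaround(conf_text):
    """List the directives that are not explicitly set to "off".

    The check is deliberately strict: only the literal value "off", as
    written in the advisory, counts as having the workaround applied.
    """
    effective = effective_settings(conf_text)
    return [name for name in DIRECTIVES if effective[name] != "off"]


if __name__ == "__main__":
    for name in missing_workaround(SAMPLE_CONF):
        print("workaround not applied:", name)
```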
__________________________________________________________________
Contact details for the Squid project:
For installation / upgrade support: Your first point of contact
should be your binary package vendor.
If your install is built from the original Squid sources, then
the squid-users@squid-cache.org mailing list is your primary
support point. (see
for subscription details).
For bug reporting, particularly security related bugs, the
squid-bugs@squid-cache.org mailing list is the appropriate forum.
It's a closed list (though anyone can post) and security related
bug reports are treated in confidence until the impact has been
established. For non security related bugs, the squid bugzilla
database should be used.
__________________________________________________________________
Credits:
The vulnerability was published by Watchfire in their HTTP Response
Splitting whitepaper
__________________________________________________________________
Revision history:
2005-04-23 07:15 GMT Initial version
2010-09-16 07:05 GMT Reference link updates
__________________________________________________________________
END