Correction: Squid Cache DNS Lookup Spoofing Vulnerability
Fergie (Paul Ferguson)
fergdawg at netzero.net
Wed May 11 13:09:55 UTC 2005
Mea culpa:
The correct link for the appropriate patch(es):
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-dns_query
- ferg
-- "Fergie (Paul Ferguson)" <fergdawg at netzero.net> wrote:
Given the recent attention to all matters of DNS cache
poisoning (real or imagined), I figured this item might
of interest to the list. I know there's a lot of Squid
Caches out there...
- ferg
[snip]
Via Secunia:
http://secunia.com/advisories/15294/
Secunia Advisory: SA15294
Release Date: 2005-05-11
Impact: Spoofing
Where: From local network
Solution Status: Vendor Patch
Software: Squid 2.x
Description:
A vulnerability has been reported in Squid, which can
be exploited by malicious people to spoof DNS lookups.
The vulnerability is caused due to an unspecified
error in the DNS client when handling DNS responses
and can be exploited to spoof DNS lookups.
The vulnerability has been reported in version 2.5
and prior.
Solution:
Apply patch for version 2.5.STABLE9:
http://www.squid-cache.org/Versi...id-2.5.STABLE9-dns_query-2.patch
Original Advisory:
http://www.squid-cache.org/Versi...ugs/#squid-2.5.STABLE9-dns_query
[snip]
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg at netzero.net or fergdawg at sbcglobal.net
ferg's tech blog: http://fergdawg.blogspot.com/
More information about the NANOG
mailing list