Re: Bug#140112: squid: SQUID-2002:2; possibly exploitable segfault in DNS reply parsing.

To: Tommi Virtanen <tv@debian.org>
Cc: debian-devel@lists.debian.org
Subject: Re: Bug#140112: squid: SQUID-2002:2; possibly exploitable segfault in DNS reply parsing.
From: Turbo Fredriksson <turbo@debian.org>
Date: 27 Mar 2002 13:59:01 +0100
Message-id: <[🔎] 87ofha5fqi.fsf@papadoc.bayour.com>
In-reply-to: <20020327080458.7566D3F944@ki.yok.utu.fi>
References: <20020327080458.7566D3F944@ki.yok.utu.fi>

>>>>> "Tommi" == Tommi Virtanen <tv@debian.org> writes:

    Tommi> __________________________________________________________________
    Tommi>       Squid Proxy Cache Security Update Advisory
    Tommi> SQUID-2002:2
    Tommi> __________________________________________________________________

How is this exploitable? I know 'possibly exploitable' but is there any theory
how this could be done?

    Tommi>    DNS Socket created at 0.0.0.0, port 4345, FD 5

Mine say

        DNS Socket created on FD 5

But I asume mine is vulnerable (using 2.4.4-1). Is there any backport of the
fix for this release?
-- 
BATF Saddam Hussein SDI cryptographic genetic Peking Nazi security
jihad ammonium Noriega Delta Force spy Soviet tritium
[See http://www.aclu.org/echelonwatch/index.html for more about this]


-- 
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: Bug#140112: squid: SQUID-2002:2; possibly exploitable segfault in DNS reply parsing.
  - From: "Miquel van Smoorenburg" <miquels@cistron.nl>

Prev by Date: Debian's problems, Debian's future
Next by Date: Re: Debian's problems, Debian's future
Previous by thread: Re: Debian's problems, Debian's future
Next by thread: Re: Bug#140112: squid: SQUID-2002:2; possibly exploitable segfault in DNS reply parsing.
Index(es):
- Date
- Thread