[H-GEN] Help! How to

Peter Arnold arnoldpj at optushome.com.au
Wed Jun 16 00:55:16 EDT 2004


> Peter Arnold wrote:
>>
>> To "update" an rpm with an earlier version use:
>> # rpm -Uvh --oldpackage squid-2.5.STABLE3-5.3E.i386.rpm
>> Preparing...           ########################################### [100%]
>>    1:squid             ########################################### [100%]
>> #
>>
>> Authentication has returned to normal.
>>
>
> The question now is what did the new package fix, and does that affect
> you in any way?
>
> --
> Regards,
> Harry Phillips
>

Well, all indications are that I *should* install the update, as it
addressed a vulnerability in NTLM, which is an authentication system we do
use. However, a fix ain't a fix if it breaks something else.

Red Hat recommends updating to the latest version and I took their advice
rather than check it out for myself. Lazy, I know, but you should be able to
rely on the advice of a vendor whose support you have *already* paid for.

Red Hat's info on this is:
###########################
Synopsis
Updated squid package fixes security vulnerability

Issued: 2004-06-09
Updated: 2004-06-09

Topic
An updated squid package that fixes a security vulnerability in
the NTLM authentication helper is now available.

Description
Squid is a full-featured Web proxy cache.

A buffer overflow was found within the NTLM authentication helper
routine. If Squid is configured to use the NTLM authentication helper,
a remote attacker could potentially execute arbitrary code by sending a
lengthy password. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0541 to this issue.

Note: The NTLM authentication helper is not enabled by default in Red Hat
Enterprise Linux 3. Red Hat Enterprise Linux 2.1 is not vulnerable to this
issue as it shipped with a version of Squid which did not contain the helper.

Users of Squid should update to this errata package which contains a
backported patch that is not vulnerable to this issue.

Affected Channels
Red Hat Enterprise Linux ES (v. 3 for x86)
Red Hat Enterprise Linux WS (v. 3 for x86)

Fixes
CAN-2004-0541 Squid NTLM authentication helper overflow

Keywords
(none)

CVEs
CAN-2004-0541

References
http://www.idefense.com/application/poi/display?id=107
#############################

Cheers
Peter Arnold
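
The advisory quoted above limits exposure to setups where Squid is configured to use the NTLM authentication helper, so after a rollback with --oldpackage the first check is whether squid.conf enables one. The following is an added example, not part of the original message or of Red Hat's advisory; the function names, the sample config and its helper paths are constructed for illustration.

```shell
#!/bin/sh
# Added example: list NTLM authentication helpers enabled in a squid.conf.

# ntlm_helpers FILE
#   Prints the command line of every active "auth_param ntlm program" entry.
#   Exit status 0 if at least one is found, 1 if none. FILE may be "-" (stdin).
ntlm_helpers() {
    awk '
        /^[ \t]*#/ { next }                  # skip commented-out lines
        # Match scheme and keyword case-insensitively so odd capitalisation
        # in a hand-edited file is not missed by this check.
        $1 == "auth_param" && tolower($2) == "ntlm" && tolower($3) == "program" {
            $1 = $2 = $3 = ""                # drop the directive words
            sub(/^ +/, "")                   # keep helper path + arguments
            print
            found = 1
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# Constructed sample config (not from the page): one commented-out NTLM entry,
# one basic-auth helper, one active (indented) NTLM entry, one tuning line.
sample_conf() {
cat <<'EOF'
# auth_param ntlm program /usr/lib/squid/ntlm_auth EXAMPLE/dc1
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
  auth_param ntlm program /usr/lib/squid/ntlm_auth EXAMPLE/dc1
auth_param ntlm children 5
EOF
}

# Check the file given as the first argument, or the constructed sample if none.
if [ -n "${1:-}" ]; then
    ntlm_helpers "$1" || echo "no NTLM helper configured in $1"
else
    sample_conf | ntlm_helpers - || echo "no NTLM helper configured"
fi
```

If the function lists a helper while the older package is installed, the configuration is in the scope the advisory describes; an empty result matches the advisory's note about the default Red Hat Enterprise Linux 3 setup.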



