漏洞信息详情
Squid代理未明DNS欺骗漏洞
- CNNVD编号:CNNVD-200505-940
- 危害等级: 中危
![图片[1]-Squid代理未明DNS欺骗漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-06-29/30f462579bec41fc25e0b1d57503e6d6.png)
- CVE编号:
CVE-2005-1519
- 漏洞类型:
资料不足
- 发布时间:
2005-05-11
- 威胁类型:
远程
- 更新时间:
2005-10-20
- 厂 商:
squid - 漏洞来源:
Squid -
漏洞简介
Squid 2.5 STABLE9及更早版本,当DNS客户端端口未经过滤并且环境未防止IP欺骗时,远程攻击者可以进行DNS解析欺骗。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Trustix Secure Linux 1.5
Trustix kernel-2.2.26-2tr.i586.rpm
TSL 1.5
ftp://ftp.trustix.org/pub/trustix/updates
Trustix kernel-BOOT-2.2.26-2tr.i586.rpm
TSL 1.5
ftp://ftp.trustix.org/pub/trustix/updates
Trustix kernel-doc-2.2.26-2tr.i586.rpm
TSL 1.5
ftp://ftp.trustix.org/pub/trustix/updates
Trustix kernel-headers-2.2.26-2tr.i586.rpm
TSL 1.5
ftp://ftp.trustix.org/pub/trustix/updates
Trustix kernel-smp-2.2.26-2tr.i586.rpm
TSL 1.5
ftp://ftp.trustix.org/pub/trustix/updates
Trustix kernel-source-2.2.26-2tr.i586.rpm
TSL 1.5
ftp://ftp.trustix.org/pub/trustix/updates
Trustix kernel-utils-2.2.26-2tr.i586.rpm
TSL 1.5
ftp://ftp.trustix.org/pub/trustix/updates
Trustix Secure Linux 2.2
Trustix kernel-2.4.30-4tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix kernel-BOOT-2.4.30-4tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix kernel-doc-2.4.30-4tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix kernel-smp-2.4.30-4tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix kernel-source-2.4.30-4tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix kernel-utils-2.4.30-4tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Trustix squid-2.5.STABLE9-6tr.i586.rpm
TSL 2.2
ftp://ftp.trustix.org/pub/trustix/updates
Squid Web Proxy Cache 2.3 .STABLE4
Turbolinux squid-2.5.STABLE10-3.i586.rpm
Turbolinux 7 Workstation:
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 7/updates/RPMS/squid-2.5.STABLE10-3.i586.rpm
Squid Web Proxy Cache 2.4 .STABLE6
RedHat squid-2.4.STABLE7-0.73.3.legacy.i386.rpm
Red Hat Linux 7.3:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/squid-2.4.STA BLE7-0.73.3.legacy.i386.rpm
Turbolinux squid-2.5.STABLE10-3.i586.rpm
Turbolinux 8 Server:
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/upd ates/RPMS/squid-2.5.STABLE10-3.i586.rpm
Turbolinux squid-2.5.STABLE10-3.i586.rpm
Turbolinux 8 Workstation:
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 8/updates/RPMS/squid-2.5.STABLE10-3.i586.rpm
Squid Web Proxy Cache 2.4 .STABLE2
Turbolinux squid-2.5.STABLE10-3.i586.rpm
Turbolinux 7 Server:
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/upd ates/RPMS/squid-2.5.STABLE10-3.i586.rpm
Squid Web Proxy Cache 2.5 .STABLE6
Fedora squid-2.5.STABLE9-1.FC3.6.i386.rpm
RedHat Fedora Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
Fedora squid-2.5.STABLE9-1.FC3.6.x86_64.rpm
RedHat Fedora Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
Fedora squid-debuginfo-2.5.STABLE9-1.FC3.6.i386.rpm
RedHat Fedora Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
Fedora squid-debuginfo-2.5.STABLE9-1.FC3.6.x86_64.rpm
RedHat Fedora Core 3
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
Turbolinux squid-2.5.STABLE10-3.i586.rpm
Turbolinux 10 Server
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/up dates/RPMS/squid-2.5.STABLE10-3.i586.rpm
Turbolinux squid-debug-2.5.STABLE10-3.i586.rpm
Turbolinux 10 Server:
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/up dates/RPMS/squid-debug-2.5.STABLE10-3.i586.rpm
Ubuntu squid-cgi_2.5.5-6ubuntu0.9_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.5. 5-6ubuntu0.9_amd64.deb
Ubuntu squid-cgi_2.5.5-6ubuntu0.9_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.5. 5-6ubuntu0.9_i386.deb
Ubuntu squid-cgi_2.5.5-6ubuntu0.9_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.5. 5-6ubuntu0.9_powerpc.deb
Ubuntu squid-common_2.5.5-6ubuntu0.9_all.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid-common_2.5.5 -6ubuntu0.9_all.deb
Ubuntu squid_2.5.5-6ubuntu0.9_amd64.deb
Ubuntu 4.10 (Warty Warthog)
参考网址
来源: www.squid-cache.org
链接:http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-dns_query
来源: SECUNIA
名称: 15294
链接:http://secunia.com/advisories/15294
来源: FEDORA
名称: FEDORA-2005-373
链接:http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html
来源: VUPEN
名称: ADV-2005-0521
链接:http://www.frsirt.com/english/advisories/2005/0521
来源: BID
名称: 13592
链接:http://www.securityfocus.com/bid/13592
来源: REDHAT
名称: RHSA-2005:489
链接:http://www.redhat.com/support/errata/RHSA-2005-489.html
来源: DEBIAN
名称: DSA-751
链接:http://www.debian.org/security/2005/dsa-751
来源: FEDORA
名称: FLSA-2006:152809
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
