Debian alerted vendor-sec to these issues. CAN-2005-0094 "infamous41md" discovered a buffer overflow in the parser for Gopher responses which will lead to memory corruption and usually crash Squid. http://www.squid-cache.org/Advisories/SQUID-2005_1.txt http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-gopher_html_parsing.patch http://secunia.com/advisories/13825/ CAN-2005-0095 "infamous41md" discovered an integer overflow in the receiver of WCCP (Web Cache Communication Protocol) messages. An attacker could send a specially crafted UDP datagram that will cause Squid to crash. http://www.squid-cache.org/Advisories/SQUID-2005_2.txt http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_denial_of_service.patch http://secunia.com/advisories/13825/ CAN-2005-0096 Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory consumption). http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-fakeauth_auth.patch http://secunia.com/advisories/13789/ CAN-2005-0097 The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message. http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-fakeauth_auth.patch http://secunia.com/advisories/13789/
These issues should also affect RHEL2.1
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-061.html