Search /
Docfinder:

RESEARCH CENTERS

Applications
Careers
Convergence
Data Center
LANs
Net/Systems Mgmt.
NOSes
Outsourcing
Routers/Switches
Security
Service Providers
Small/Med.Business
Storage
WAN Services
Web/e-commerce
Wireless/Mobile

SITE RESOURCES

Daily News
Newsletters
This Week in NW
Tests/Reviews
Buyer's Guides
Opinion
Forums
Special Issues
How to/Primers
Case Studies
Network Life
Encyclopedia
IT Briefings

TODAY'S NEWS

•	Cisco all but kills Cius tablet computer
•	Windows 8 Update: Steve Ballmer's 80-inch Windows 8 tablet
•	Gartner: Don't trust cloud provider to protect your corporate assets
•	Take me out to the ballgame, with 4G
•	Most OpenOffice users run Windows
•	Smartphones with quad-core chips and 4G LTE coming soon
•	Government alarm over cyberattacks validated by terrorists
•	Lawmakers call on DOJ to reopen investigation into Google Wi-Fi spying
•	Researchers propose TLS extension to detect rogue SSL certificates
•	IaaS: Renting on-demand technology
•	Yahoo Axis may be game changer for search and the troubled company
•	Android, Apple Own 80% of Global Smartphone Market; Microsoft's Share, 2.2%
•	Managing Mobile Mania
•	Proposed New York Legislation Would Ban Anonymous Online Comments
•	Supercomputer to connect to 400PB of storage via Ethernet
•	More breaking news

/

SuSE Linux issues Squid security alert

By John Blau
IDG News Service, 07/10/02

SuSE Linux AG Tuesday announced it has detected five security vulnerabilities in the version of the Squid Web cache software included in its Linux distribution.

Squid is a high-performance proxy cache server software for Web clients, supporting FTP, gopher and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, nonblocking, I/O-driven process.

The severity of the errors in the package ranges from harmless to critical, according to SuSE in N�rnberg, Germany. The company points to vulnerabilities in gopher clients and the FTP directory parsing code, which could "remotely execute code introduced by attackers."

"Every open source vendor with Squid software, which is the most widely used cache proxy package, is affected," said Roman Drahtm�ller, director of SuSE's security team.

SuSE has released patches, which can be found, together with the company's security announcement.

Further information about the Squid Web proxy can be found here.

The IDG News Service is a Network World affiliate.

RELATED LINKS

Apply for your free subscription to Network World. Click here. Or get Network World delivered in PDF each week.

Request a reprint or permission to use this article.

NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!

New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE

Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.