Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0211

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-0211
Last Modified 21 Aug 2010 12:25:40
Published 02 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0211

Summary

Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter.

Vulnerable Systems

Application

  • Squid 2.5.stable1

  • Squid 2.5.stable2

  • Squid 2.5.stable3

  • Squid 2.5.stable4

  • Squid 2.5.stable5

  • Squid 2.5.stable6


References

CERT-VN - VU#886006

CONFIRM - http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_buffer_overflow.patch

CONFIRM - http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-wccp_buffer_overflow

REDHAT - RHSA-2005:061

REDHAT - RHSA-2005:060

SUSE - SUSE-SA:2005:006

DEBIAN - DSA-667

BUGTRAQ - 20050207 [USN-77-1] Squid vulnerabilities

BID - 12432

OSVDB - 13319

MANDRAKE - MDKSA-2005:034

SECTRACK - 1013045

SECUNIA - 14076

FEDORA - FLSA-2006:152809


Last Updated: 27 May 2016 10:39:43