Search criteria Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.

41 vulnerabilities by squid

CVE-2009-0801 (GCVE-0-2009-0801)

Vulnerability from cvelistv5 – Published: 2009-03-04 16:00 – Updated: 2024-09-17 03:55
VLAI?
Summary
Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.securityfocus.com/bid/33858 vdb-entryx_refsource_BID
http://www.kb.cert.org/vuls/id/435052 third-party-advisoryx_refsource_CERT-VN
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:48:52.207Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "33858",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33858"
          },
          {
            "name": "VU#435052",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/435052"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-03-04T16:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "33858",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33858"
        },
        {
          "name": "VU#435052",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/435052"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0801",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "33858",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33858"
            },
            {
              "name": "VU#435052",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/435052"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0801",
    "datePublished": "2009-03-04T16:00:00.000Z",
    "dateReserved": "2009-03-04T00:00:00.000Z",
    "dateUpdated": "2024-09-17T03:55:01.224Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-0478 (GCVE-0-2009-0478)

Vulnerability from cvelistv5 – Published: 2009-02-08 22:00 – Updated: 2024-08-07 04:31
VLAI?
Summary
Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.securityfocus.com/bid/33604 vdb-entryx_refsource_BID
http://secunia.com/advisories/33731 third-party-advisoryx_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200903-38.xml vendor-advisoryx_refsource_GENTOO
http://www.securityfocus.com/archive/1/500653/100… mailing-listx_refsource_BUGTRAQ
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
https://bugzilla.redhat.com/show_bug.cgi?id=484246 x_refsource_CONFIRM
http://www.squid-cache.org/Versions/v2/2.7/change… x_refsource_CONFIRM
http://www.securitytracker.com/id?1021684 vdb-entryx_refsource_SECTRACK
http://www.squid-cache.org/Advisories/SQUID-2009_1.txt x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
https://www.exploit-db.com/exploits/8021 exploitx_refsource_EXPLOIT-DB
http://secunia.com/advisories/34467 third-party-advisoryx_refsource_SECUNIA
Date Public ?
2009-02-02 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:31:26.320Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "33604",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33604"
          },
          {
            "name": "33731",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33731"
          },
          {
            "name": "GLSA-200903-38",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200903-38.xml"
          },
          {
            "name": "20090204 Squid Proxy Cache Denial of Service in request handling",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/500653/100/0/threaded"
          },
          {
            "name": "SUSE-SR:2009:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=484246"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.7/changesets/12432.patch"
          },
          {
            "name": "1021684",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1021684"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Advisories/SQUID-2009_1.txt"
          },
          {
            "name": "MDVSA-2009:034",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:034"
          },
          {
            "name": "8021",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/8021"
          },
          {
            "name": "34467",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34467"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-02-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "33604",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33604"
        },
        {
          "name": "33731",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33731"
        },
        {
          "name": "GLSA-200903-38",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200903-38.xml"
        },
        {
          "name": "20090204 Squid Proxy Cache Denial of Service in request handling",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/500653/100/0/threaded"
        },
        {
          "name": "SUSE-SR:2009:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=484246"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.7/changesets/12432.patch"
        },
        {
          "name": "1021684",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1021684"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Advisories/SQUID-2009_1.txt"
        },
        {
          "name": "MDVSA-2009:034",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:034"
        },
        {
          "name": "8021",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/8021"
        },
        {
          "name": "34467",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34467"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0478",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Squid 2.7 to 2.7.STABLE5, 3.0 to 3.0.STABLE12, and 3.1 to 3.1.0.4 allows remote attackers to cause a denial of service via an HTTP request with an invalid version number, which triggers a reachable assertion in (1) HttpMsg.c and (2) HttpStatusLine.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "33604",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33604"
            },
            {
              "name": "33731",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33731"
            },
            {
              "name": "GLSA-200903-38",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200903-38.xml"
            },
            {
              "name": "20090204 Squid Proxy Cache Denial of Service in request handling",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/500653/100/0/threaded"
            },
            {
              "name": "SUSE-SR:2009:005",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=484246",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=484246"
            },
            {
              "name": "http://www.squid-cache.org/Versions/v2/2.7/changesets/12432.patch",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Versions/v2/2.7/changesets/12432.patch"
            },
            {
              "name": "1021684",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1021684"
            },
            {
              "name": "http://www.squid-cache.org/Advisories/SQUID-2009_1.txt",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Advisories/SQUID-2009_1.txt"
            },
            {
              "name": "MDVSA-2009:034",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:034"
            },
            {
              "name": "8021",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/8021"
            },
            {
              "name": "34467",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34467"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0478",
    "datePublished": "2009-02-08T22:00:00.000Z",
    "dateReserved": "2009-02-08T00:00:00.000Z",
    "dateUpdated": "2024-08-07T04:31:26.320Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-1612 (GCVE-0-2008-1612)

Vulnerability from cvelistv5 – Published: 2008-04-01 17:00 – Updated: 2024-08-07 08:24
VLAI?
Summary
The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows attackers to cause a denial of service (process exit) via unknown vectors that cause an array to shrink to 0 entries, which triggers an assert error. NOTE: this issue is due to an incorrect fix for CVE-2007-6239.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.ubuntu.com/usn/usn-601-1 vendor-advisoryx_refsource_UBUNTU
https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
http://www.securityfocus.com/bid/28693 vdb-entryx_refsource_BID
http://secunia.com/advisories/29813 third-party-advisoryx_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
http://secunia.com/advisories/30032 third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2008/dsa-1646 vendor-advisoryx_refsource_DEBIAN
http://security.gentoo.org/glsa/glsa-200903-38.xml vendor-advisoryx_refsource_GENTOO
http://secunia.com/advisories/27477 third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
http://secunia.com/advisories/32109 third-party-advisoryx_refsource_SECUNIA
http://www.squid-cache.org/Advisories/SQUID-2007_2.txt x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2008-02… vendor-advisoryx_refsource_REDHAT
http://www.squid-cache.org/Versions/v2/2.6/change… x_refsource_MISC
http://marc.info/?l=squid-announce&m=120614453813… mailing-listx_refsource_MLIST
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://secunia.com/advisories/34467 third-party-advisoryx_refsource_SECUNIA
http://www.openwall.com/lists/oss-security/2008/04/01/5 mailing-listx_refsource_MLIST
Date Public ?
2008-03-22 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:24:43.052Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-601-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-601-1"
          },
          {
            "name": "FEDORA-2008-2740",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00560.html"
          },
          {
            "name": "28693",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28693"
          },
          {
            "name": "29813",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29813"
          },
          {
            "name": "SUSE-SR:2008:011",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
          },
          {
            "name": "30032",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30032"
          },
          {
            "name": "DSA-1646",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1646"
          },
          {
            "name": "GLSA-200903-38",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200903-38.xml"
          },
          {
            "name": "27477",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27477"
          },
          {
            "name": "squid-arrayshrink-dos(41586)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41586"
          },
          {
            "name": "MDVSA-2008:134",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:134"
          },
          {
            "name": "32109",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32109"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Advisories/SQUID-2007_2.txt"
          },
          {
            "name": "RHSA-2008:0214",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0214.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.6/changesets/11882.patch"
          },
          {
            "name": "[squid-announce[ 20080322 Advisory Squid-2007:2 updated",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=squid-announce\u0026m=120614453813157\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:11376",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11376"
          },
          {
            "name": "34467",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34467"
          },
          {
            "name": "[oss-security] 20080401 CVE id request: squid",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2008/04/01/5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-03-22T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows attackers to cause a denial of service (process exit) via unknown vectors that cause an array to shrink to 0 entries, which triggers an assert error.  NOTE: this issue is due to an incorrect fix for CVE-2007-6239."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "USN-601-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-601-1"
        },
        {
          "name": "FEDORA-2008-2740",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00560.html"
        },
        {
          "name": "28693",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28693"
        },
        {
          "name": "29813",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29813"
        },
        {
          "name": "SUSE-SR:2008:011",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
        },
        {
          "name": "30032",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30032"
        },
        {
          "name": "DSA-1646",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1646"
        },
        {
          "name": "GLSA-200903-38",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200903-38.xml"
        },
        {
          "name": "27477",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27477"
        },
        {
          "name": "squid-arrayshrink-dos(41586)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41586"
        },
        {
          "name": "MDVSA-2008:134",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:134"
        },
        {
          "name": "32109",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32109"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Advisories/SQUID-2007_2.txt"
        },
        {
          "name": "RHSA-2008:0214",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0214.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.6/changesets/11882.patch"
        },
        {
          "name": "[squid-announce[ 20080322 Advisory Squid-2007:2 updated",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://marc.info/?l=squid-announce\u0026m=120614453813157\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:11376",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11376"
        },
        {
          "name": "34467",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34467"
        },
        {
          "name": "[oss-security] 20080401 CVE id request: squid",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2008/04/01/5"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2008-1612",
    "datePublished": "2008-04-01T17:00:00.000Z",
    "dateReserved": "2008-04-01T00:00:00.000Z",
    "dateUpdated": "2024-08-07T08:24:43.052Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-6239 (GCVE-0-2007-6239)

Vulnerability from cvelistv5 – Published: 2007-12-04 18:00 – Updated: 2024-08-07 16:02
VLAI?
Summary
The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://secunia.com/advisories/28091 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/28412 third-party-advisoryx_refsource_SECUNIA
https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
http://www.debian.org/security/2008/dsa-1482 vendor-advisoryx_refsource_DEBIAN
http://secunia.com/advisories/28814 third-party-advisoryx_refsource_SECUNIA
http://www.kb.cert.org/vuls/id/232881 third-party-advisoryx_refsource_CERT-VN
http://security.gentoo.org/glsa/glsa-200903-38.xml vendor-advisoryx_refsource_GENTOO
http://www.securityfocus.com/bid/26687 vdb-entryx_refsource_BID
http://www.redhat.com/support/errata/RHSA-2007-11… vendor-advisoryx_refsource_REDHAT
http://secunia.com/advisories/28109 third-party-advisoryx_refsource_SECUNIA
http://www.squid-cache.org/Advisories/SQUID-2007_2.txt x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://secunia.com/advisories/28403 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/27910 third-party-advisoryx_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200801-05.xml vendor-advisoryx_refsource_GENTOO
http://www.vupen.com/english/advisories/2007/4066 vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/28350 third-party-advisoryx_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=410181 x_refsource_CONFIRM
http://www.securitytracker.com/id?1019036 vdb-entryx_refsource_SECTRACK
http://secunia.com/advisories/28381 third-party-advisoryx_refsource_SECUNIA
http://bugs.gentoo.org/show_bug.cgi?id=201209 x_refsource_CONFIRM
http://secunia.com/advisories/34467 third-party-advisoryx_refsource_SECUNIA
https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
http://www.ubuntu.com/usn/usn-565-1 vendor-advisoryx_refsource_UBUNTU
http://www.squid-cache.org/Versions/v2/2.6/change… x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
Date Public ?
2007-11-27 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:02:35.967Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "28091",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28091"
          },
          {
            "name": "28412",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28412"
          },
          {
            "name": "FEDORA-2007-4161",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00507.html"
          },
          {
            "name": "DSA-1482",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1482"
          },
          {
            "name": "28814",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28814"
          },
          {
            "name": "VU#232881",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/232881"
          },
          {
            "name": "GLSA-200903-38",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200903-38.xml"
          },
          {
            "name": "26687",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26687"
          },
          {
            "name": "RHSA-2007:1130",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-1130.html"
          },
          {
            "name": "28109",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28109"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Advisories/SQUID-2007_2.txt"
          },
          {
            "name": "MDVSA-2008:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:002"
          },
          {
            "name": "oval:org.mitre.oval:def:10915",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10915"
          },
          {
            "name": "28403",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28403"
          },
          {
            "name": "27910",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27910"
          },
          {
            "name": "GLSA-200801-05",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200801-05.xml"
          },
          {
            "name": "ADV-2007-4066",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4066"
          },
          {
            "name": "28350",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28350"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=410181"
          },
          {
            "name": "1019036",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019036"
          },
          {
            "name": "28381",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28381"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=201209"
          },
          {
            "name": "34467",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34467"
          },
          {
            "name": "FEDORA-2007-4170",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00497.html"
          },
          {
            "name": "USN-565-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-565-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.6/changesets/11780.patch"
          },
          {
            "name": "SUSE-SR:2008:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The \"cache update reply processing\" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak during requests for cached objects."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "28091",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28091"
        },
        {
          "name": "28412",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28412"
        },
        {
          "name": "FEDORA-2007-4161",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00507.html"
        },
        {
          "name": "DSA-1482",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1482"
        },
        {
          "name": "28814",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28814"
        },
        {
          "name": "VU#232881",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/232881"
        },
        {
          "name": "GLSA-200903-38",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200903-38.xml"
        },
        {
          "name": "26687",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26687"
        },
        {
          "name": "RHSA-2007:1130",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-1130.html"
        },
        {
          "name": "28109",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28109"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Advisories/SQUID-2007_2.txt"
        },
        {
          "name": "MDVSA-2008:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:002"
        },
        {
          "name": "oval:org.mitre.oval:def:10915",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10915"
        },
        {
          "name": "28403",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28403"
        },
        {
          "name": "27910",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27910"
        },
        {
          "name": "GLSA-200801-05",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200801-05.xml"
        },
        {
          "name": "ADV-2007-4066",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4066"
        },
        {
          "name": "28350",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28350"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=410181"
        },
        {
          "name": "1019036",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019036"
        },
        {
          "name": "28381",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28381"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=201209"
        },
        {
          "name": "34467",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34467"
        },
        {
          "name": "FEDORA-2007-4170",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00497.html"
        },
        {
          "name": "USN-565-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-565-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.6/changesets/11780.patch"
        },
        {
          "name": "SUSE-SR:2008:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-6239",
    "datePublished": "2007-12-04T18:00:00.000Z",
    "dateReserved": "2007-12-04T00:00:00.000Z",
    "dateUpdated": "2024-08-07T16:02:35.967Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2002-2414 (GCVE-0-2002-2414)

Vulnerability from cvelistv5 – Published: 2007-11-01 17:00 – Updated: 2024-08-08 04:06
VLAI?
Summary
Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-global certificate authority (CA) certificate from a site and establishing a subsequent HTTPS connection, which allows remote attackers to cause a denial of service (crash).
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Date Public ?
2002-11-20 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:06:53.711Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20021120 Opera 6.03/Linux crashes on HTTPS over Squid Proxy on a site",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=full-disclosure\u0026m=103783186608438\u0026w=2"
          },
          {
            "name": "6218",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/6218"
          },
          {
            "name": "opera-squid-https-dos(10673)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/10673.php"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-11-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-global certificate authority (CA) certificate from a site and establishing a subsequent HTTPS connection, which allows remote attackers to cause a denial of service (crash)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20021120 Opera 6.03/Linux crashes on HTTPS over Squid Proxy on a site",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://marc.info/?l=full-disclosure\u0026m=103783186608438\u0026w=2"
        },
        {
          "name": "6218",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/6218"
        },
        {
          "name": "opera-squid-https-dos(10673)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/10673.php"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-2414",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-global certificate authority (CA) certificate from a site and establishing a subsequent HTTPS connection, which allows remote attackers to cause a denial of service (crash)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20021120 Opera 6.03/Linux crashes on HTTPS over Squid Proxy on a site",
              "refsource": "FULLDISC",
              "url": "http://marc.info/?l=full-disclosure\u0026m=103783186608438\u0026w=2"
            },
            {
              "name": "6218",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/6218"
            },
            {
              "name": "opera-squid-https-dos(10673)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/10673.php"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-2414",
    "datePublished": "2007-11-01T17:00:00.000Z",
    "dateReserved": "2007-11-01T00:00:00.000Z",
    "dateUpdated": "2024-08-08T04:06:53.711Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-1560 (GCVE-0-2007-1560)

Vulnerability from cvelistv5 – Published: 2007-03-21 18:00 – Updated: 2024-08-07 12:59
VLAI?
Summary
The clientProcessRequest() function in src/client_side.c in Squid 2.6 before 2.6.STABLE12 allows remote attackers to cause a denial of service (daemon crash) via crafted TRACE requests that trigger an assertion error.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://security.gentoo.org/glsa/glsa-200703-27.xml vendor-advisoryx_refsource_GENTOO
http://www.vupen.com/english/advisories/2007/1035 vdb-entryx_refsource_VUPEN
http://www.squid-cache.org/Versions/v2/2.6/change… x_refsource_CONFIRM
http://secunia.com/advisories/24611 third-party-advisoryx_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
http://www.securityfocus.com/bid/23085 vdb-entryx_refsource_BID
http://secunia.com/advisories/24625 third-party-advisoryx_refsource_SECUNIA
http://www.squid-cache.org/Advisories/SQUID-2007_1.txt x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
http://www.ubuntu.com/usn/usn-441-1 vendor-advisoryx_refsource_UBUNTU
http://www.securitytracker.com/id?1017805 vdb-entryx_refsource_SECTRACK
http://secunia.com/advisories/24662 third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://secunia.com/advisories/24911 third-party-advisoryx_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-01… vendor-advisoryx_refsource_REDHAT
http://secunia.com/advisories/24614 third-party-advisoryx_refsource_SECUNIA
Date Public ?
2007-03-20 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:59:08.952Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-200703-27",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200703-27.xml"
          },
          {
            "name": "ADV-2007-1035",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1035"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.6/changesets/11349.patch"
          },
          {
            "name": "24611",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24611"
          },
          {
            "name": "SUSE-SR:2007:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_5_sr.html"
          },
          {
            "name": "23085",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23085"
          },
          {
            "name": "24625",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24625"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Advisories/SQUID-2007_1.txt"
          },
          {
            "name": "oval:org.mitre.oval:def:10291",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10291"
          },
          {
            "name": "MDKSA-2007:068",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:068"
          },
          {
            "name": "USN-441-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-441-1"
          },
          {
            "name": "1017805",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017805"
          },
          {
            "name": "24662",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24662"
          },
          {
            "name": "squid-clientprocessrequest-dos(33124)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33124"
          },
          {
            "name": "24911",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24911"
          },
          {
            "name": "RHSA-2007:0131",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0131.html"
          },
          {
            "name": "24614",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24614"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-03-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The clientProcessRequest() function in src/client_side.c in Squid 2.6 before 2.6.STABLE12 allows remote attackers to cause a denial of service (daemon crash) via crafted TRACE requests that trigger an assertion error."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "GLSA-200703-27",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200703-27.xml"
        },
        {
          "name": "ADV-2007-1035",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1035"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.6/changesets/11349.patch"
        },
        {
          "name": "24611",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24611"
        },
        {
          "name": "SUSE-SR:2007:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_5_sr.html"
        },
        {
          "name": "23085",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23085"
        },
        {
          "name": "24625",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24625"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Advisories/SQUID-2007_1.txt"
        },
        {
          "name": "oval:org.mitre.oval:def:10291",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10291"
        },
        {
          "name": "MDKSA-2007:068",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:068"
        },
        {
          "name": "USN-441-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-441-1"
        },
        {
          "name": "1017805",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017805"
        },
        {
          "name": "24662",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24662"
        },
        {
          "name": "squid-clientprocessrequest-dos(33124)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33124"
        },
        {
          "name": "24911",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24911"
        },
        {
          "name": "RHSA-2007:0131",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0131.html"
        },
        {
          "name": "24614",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24614"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-1560",
    "datePublished": "2007-03-21T18:00:00.000Z",
    "dateReserved": "2007-03-21T00:00:00.000Z",
    "dateUpdated": "2024-08-07T12:59:08.952Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-0247 (GCVE-0-2007-0247)

Vulnerability from cvelistv5 – Published: 2007-01-16 18:00 – Updated: 2024-08-07 12:12
VLAI?
Summary
squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service (core dump) via crafted FTP directory listing responses, possibly related to the (1) ftpListingFinish and (2) ftpHtmlifyListEntry functions.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.squid-cache.org/Versions/v2/2.6/squid-… x_refsource_CONFIRM
http://www.squid-cache.org/bugs/show_bug.cgi?id=1857 x_refsource_CONFIRM
http://secunia.com/advisories/23921 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/23946 third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/22079 vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2007/0199 vdb-entryx_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-20070… vendor-advisoryx_refsource_GENTOO
http://secunia.com/advisories/23810 third-party-advisoryx_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
http://www.trustix.org/errata/2007/0003/ vendor-advisoryx_refsource_TRUSTIX
http://www.ubuntu.com/usn/usn-414-1 vendor-advisoryx_refsource_UBUNTU
http://secunia.com/advisories/23837 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/23805 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/23767 third-party-advisoryx_refsource_SECUNIA
http://osvdb.org/39839 vdb-entryx_refsource_OSVDB
http://fedoranews.org/cms/node/2442 vendor-advisoryx_refsource_FEDORA
http://secunia.com/advisories/23889 third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
Date Public ?
2007-01-13 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:12:17.535Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE7-RELEASENOTES.html#s12"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1857"
          },
          {
            "name": "23921",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23921"
          },
          {
            "name": "23946",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23946"
          },
          {
            "name": "22079",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/22079"
          },
          {
            "name": "ADV-2007-0199",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0199"
          },
          {
            "name": "GLSA-200701-22",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200701-22.xml"
          },
          {
            "name": "23810",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23810"
          },
          {
            "name": "SUSE-SA:2007:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_12_squid.html"
          },
          {
            "name": "MDKSA-2007:026",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:026"
          },
          {
            "name": "2007-0003",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2007/0003/"
          },
          {
            "name": "USN-414-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-414-1"
          },
          {
            "name": "23837",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23837"
          },
          {
            "name": "23805",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23805"
          },
          {
            "name": "23767",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23767"
          },
          {
            "name": "39839",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/39839"
          },
          {
            "name": "FEDORA-2007-092",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/cms/node/2442"
          },
          {
            "name": "23889",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23889"
          },
          {
            "name": "squid-multiple-dos(31523)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31523"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-01-13T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service (core dump) via crafted FTP directory listing responses, possibly related to the (1) ftpListingFinish and (2) ftpHtmlifyListEntry functions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE7-RELEASENOTES.html#s12"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1857"
        },
        {
          "name": "23921",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23921"
        },
        {
          "name": "23946",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23946"
        },
        {
          "name": "22079",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/22079"
        },
        {
          "name": "ADV-2007-0199",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0199"
        },
        {
          "name": "GLSA-200701-22",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200701-22.xml"
        },
        {
          "name": "23810",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23810"
        },
        {
          "name": "SUSE-SA:2007:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_12_squid.html"
        },
        {
          "name": "MDKSA-2007:026",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:026"
        },
        {
          "name": "2007-0003",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2007/0003/"
        },
        {
          "name": "USN-414-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-414-1"
        },
        {
          "name": "23837",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23837"
        },
        {
          "name": "23805",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23805"
        },
        {
          "name": "23767",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23767"
        },
        {
          "name": "39839",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/39839"
        },
        {
          "name": "FEDORA-2007-092",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/cms/node/2442"
        },
        {
          "name": "23889",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23889"
        },
        {
          "name": "squid-multiple-dos(31523)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31523"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-0247",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service (core dump) via crafted FTP directory listing responses, possibly related to the (1) ftpListingFinish and (2) ftpHtmlifyListEntry functions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE7-RELEASENOTES.html#s12",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE7-RELEASENOTES.html#s12"
            },
            {
              "name": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1857",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1857"
            },
            {
              "name": "23921",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23921"
            },
            {
              "name": "23946",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23946"
            },
            {
              "name": "22079",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/22079"
            },
            {
              "name": "ADV-2007-0199",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/0199"
            },
            {
              "name": "GLSA-200701-22",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200701-22.xml"
            },
            {
              "name": "23810",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23810"
            },
            {
              "name": "SUSE-SA:2007:012",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_12_squid.html"
            },
            {
              "name": "MDKSA-2007:026",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:026"
            },
            {
              "name": "2007-0003",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2007/0003/"
            },
            {
              "name": "USN-414-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-414-1"
            },
            {
              "name": "23837",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23837"
            },
            {
              "name": "23805",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23805"
            },
            {
              "name": "23767",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23767"
            },
            {
              "name": "39839",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/39839"
            },
            {
              "name": "FEDORA-2007-092",
              "refsource": "FEDORA",
              "url": "http://fedoranews.org/cms/node/2442"
            },
            {
              "name": "23889",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23889"
            },
            {
              "name": "squid-multiple-dos(31523)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31523"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-0247",
    "datePublished": "2007-01-16T18:00:00.000Z",
    "dateReserved": "2007-01-16T00:00:00.000Z",
    "dateUpdated": "2024-08-07T12:12:17.535Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-0248 (GCVE-0-2007-0248)

Vulnerability from cvelistv5 – Published: 2007-01-16 18:00 – Updated: 2024-08-07 12:12
VLAI?
Summary
The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service (crash) by causing an external_acl queue overload, which triggers an infinite loop.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.squid-cache.org/Versions/v2/2.6/squid-… x_refsource_CONFIRM
http://www.securityfocus.com/bid/22203 vdb-entryx_refsource_BID
http://secunia.com/advisories/23921 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/23946 third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/0199 vdb-entryx_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-20070… vendor-advisoryx_refsource_GENTOO
http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://www.ubuntu.com/usn/usn-414-1 vendor-advisoryx_refsource_UBUNTU
http://secunia.com/advisories/23805 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/23767 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/23889 third-party-advisoryx_refsource_SECUNIA
http://www.squid-cache.org/bugs/show_bug.cgi?id=1848 x_refsource_CONFIRM
Date Public ?
2007-01-13 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:12:17.832Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE7-RELEASENOTES.html#s12"
          },
          {
            "name": "22203",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/22203"
          },
          {
            "name": "23921",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23921"
          },
          {
            "name": "23946",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23946"
          },
          {
            "name": "ADV-2007-0199",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0199"
          },
          {
            "name": "GLSA-200701-22",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200701-22.xml"
          },
          {
            "name": "SUSE-SA:2007:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_12_squid.html"
          },
          {
            "name": "MDKSA-2007:026",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:026"
          },
          {
            "name": "squid-externalacl-dos(31525)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31525"
          },
          {
            "name": "USN-414-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-414-1"
          },
          {
            "name": "23805",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23805"
          },
          {
            "name": "23767",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23767"
          },
          {
            "name": "23889",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23889"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1848"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-01-13T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service (crash) by causing an external_acl queue overload, which triggers an infinite loop."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE7-RELEASENOTES.html#s12"
        },
        {
          "name": "22203",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/22203"
        },
        {
          "name": "23921",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23921"
        },
        {
          "name": "23946",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23946"
        },
        {
          "name": "ADV-2007-0199",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0199"
        },
        {
          "name": "GLSA-200701-22",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200701-22.xml"
        },
        {
          "name": "SUSE-SA:2007:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_12_squid.html"
        },
        {
          "name": "MDKSA-2007:026",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:026"
        },
        {
          "name": "squid-externalacl-dos(31525)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31525"
        },
        {
          "name": "USN-414-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-414-1"
        },
        {
          "name": "23805",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23805"
        },
        {
          "name": "23767",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23767"
        },
        {
          "name": "23889",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23889"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1848"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-0248",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service (crash) by causing an external_acl queue overload, which triggers an infinite loop."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE7-RELEASENOTES.html#s12",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE7-RELEASENOTES.html#s12"
            },
            {
              "name": "22203",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/22203"
            },
            {
              "name": "23921",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23921"
            },
            {
              "name": "23946",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23946"
            },
            {
              "name": "ADV-2007-0199",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/0199"
            },
            {
              "name": "GLSA-200701-22",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200701-22.xml"
            },
            {
              "name": "SUSE-SA:2007:012",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2007_12_squid.html"
            },
            {
              "name": "MDKSA-2007:026",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:026"
            },
            {
              "name": "squid-externalacl-dos(31525)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31525"
            },
            {
              "name": "USN-414-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-414-1"
            },
            {
              "name": "23805",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23805"
            },
            {
              "name": "23767",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23767"
            },
            {
              "name": "23889",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23889"
            },
            {
              "name": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1848",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1848"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-0248",
    "datePublished": "2007-01-16T18:00:00.000Z",
    "dateReserved": "2007-01-16T00:00:00.000Z",
    "dateUpdated": "2024-08-07T12:12:17.832Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-2654 (GCVE-0-2004-2654)

Vulnerability from cvelistv5 – Published: 2006-02-24 11:00 – Updated: 2024-08-08 01:36
VLAI?
Summary
The clientAbortBody function in client_side.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors that trigger a null dereference. NOTE: in a followup advisory, a researcher claimed that the issue was a buffer overflow that was not fixed in STABLE6. However, the vendor's bug report clearly shows that the researcher later retracted this claim, because the tested product was actually STABLE5.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.squid-cache.org/bugs/show_bug.cgi?id=972 x_refsource_MISC
http://securitytracker.com/id?1011214 vdb-entryx_refsource_SECTRACK
http://www.osvdb.org/9801 vdb-entryx_refsource_OSVDB
http://www.attrition.org/pipermail/vim/2006-Febru… mailing-listx_refsource_VIM
http://secunia.com/advisories/12754 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/12508 third-party-advisoryx_refsource_SECUNIA
http://www.securitylab.ru/47881.html x_refsource_MISC
Date Public ?
2004-04-27 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:36:24.583Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=972"
          },
          {
            "name": "1011214",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1011214"
          },
          {
            "name": "9801",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/9801"
          },
          {
            "name": "20060223 old Squid clientAbortBody issue - NOT an overflow?",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2006-February/000570.html"
          },
          {
            "name": "12754",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/12754"
          },
          {
            "name": "12508",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/12508"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.securitylab.ru/47881.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-04-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The clientAbortBody function in client_side.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors that trigger a null dereference.  NOTE: in a followup advisory, a researcher claimed that the issue was a buffer overflow that was not fixed in STABLE6. However, the vendor\u0027s bug report clearly shows that the researcher later retracted this claim, because the tested product was actually STABLE5."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2007-01-10T10:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=972"
        },
        {
          "name": "1011214",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1011214"
        },
        {
          "name": "9801",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/9801"
        },
        {
          "name": "20060223 old Squid clientAbortBody issue - NOT an overflow?",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2006-February/000570.html"
        },
        {
          "name": "12754",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/12754"
        },
        {
          "name": "12508",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/12508"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.securitylab.ru/47881.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-2654",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The clientAbortBody function in client_side.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors that trigger a null dereference.  NOTE: in a followup advisory, a researcher claimed that the issue was a buffer overflow that was not fixed in STABLE6. However, the vendor\u0027s bug report clearly shows that the researcher later retracted this claim, because the tested product was actually STABLE5."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.squid-cache.org/bugs/show_bug.cgi?id=972",
              "refsource": "MISC",
              "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=972"
            },
            {
              "name": "1011214",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1011214"
            },
            {
              "name": "9801",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/9801"
            },
            {
              "name": "20060223 old Squid clientAbortBody issue - NOT an overflow?",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2006-February/000570.html"
            },
            {
              "name": "12754",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/12754"
            },
            {
              "name": "12508",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/12508"
            },
            {
              "name": "http://www.securitylab.ru/47881.html",
              "refsource": "MISC",
              "url": "http://www.securitylab.ru/47881.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-2654",
    "datePublished": "2006-02-24T11:00:00.000Z",
    "dateReserved": "2006-02-24T00:00:00.000Z",
    "dateUpdated": "2024-08-08T01:36:24.583Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-3322 (GCVE-0-2005-3322)

Vulnerability from cvelistv5 – Published: 2005-10-27 04:00 – Updated: 2024-08-07 23:10
VLAI?
Summary
Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote attackers to cause a denial of service (crash) via HTTPs (SSL).
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Date Public ?
2005-10-21 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:10:08.572Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SR:2005:028",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_28_sr.html"
          },
          {
            "name": "SUSE-SR:2005:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_24_sr.html"
          },
          {
            "name": "15165",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15165"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-10-21T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote attackers to cause a denial of service (crash) via HTTPs (SSL)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2005-12-05T10:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SUSE-SR:2005:028",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_28_sr.html"
        },
        {
          "name": "SUSE-SR:2005:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_24_sr.html"
        },
        {
          "name": "15165",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15165"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3322",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Squid on SUSE Linux 9.0 allows remote attackers to cause a denial of service (crash) via HTTPs (SSL)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SR:2005:028",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2005_28_sr.html"
            },
            {
              "name": "SUSE-SR:2005:024",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2005_24_sr.html"
            },
            {
              "name": "15165",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15165"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-3322",
    "datePublished": "2005-10-27T04:00:00.000Z",
    "dateReserved": "2005-10-27T00:00:00.000Z",
    "dateUpdated": "2024-08-07T23:10:08.572Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-3258 (GCVE-0-2005-3258)

Vulnerability from cvelistv5 – Published: 2005-10-20 04:00 – Updated: 2024-08-07 23:01
VLAI?
Summary
The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and earlier allows remote FTP servers to cause a denial of service (segmentation fault) via certain "odd" responses.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://secunia.com/advisories/17626 third-party-advisoryx_refsource_SECUNIA
http://securitytracker.com/id?1015085 vdb-entryx_refsource_SECTRACK
http://secunia.com/advisories/17287 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/17513 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/17338 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/17645 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/17271 third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2005/2151 vdb-entryx_refsource_VUPEN
http://www.squid-cache.org/Versions/v2/2.5/bugs/#… x_refsource_CONFIRM
http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
http://secunia.com/advisories/17407 third-party-advisoryx_refsource_SECUNIA
Date Public ?
2005-10-18 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:01:59.420Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "17626",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17626"
          },
          {
            "name": "1015085",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015085"
          },
          {
            "name": "17287",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17287"
          },
          {
            "name": "17513",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17513"
          },
          {
            "name": "17338",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17338"
          },
          {
            "name": "17645",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17645"
          },
          {
            "name": "17271",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17271"
          },
          {
            "name": "ADV-2005-2151",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2151"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE11-rfc1738_do_escape"
          },
          {
            "name": "SUSE-SR:2005:027",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_27_sr.html"
          },
          {
            "name": "17407",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17407"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-10-18T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and earlier allows remote FTP servers to cause a denial of service (segmentation fault) via certain \"odd\" responses."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-04T13:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "17626",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17626"
        },
        {
          "name": "1015085",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015085"
        },
        {
          "name": "17287",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17287"
        },
        {
          "name": "17513",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17513"
        },
        {
          "name": "17338",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17338"
        },
        {
          "name": "17645",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17645"
        },
        {
          "name": "17271",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17271"
        },
        {
          "name": "ADV-2005-2151",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2151"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE11-rfc1738_do_escape"
        },
        {
          "name": "SUSE-SR:2005:027",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_27_sr.html"
        },
        {
          "name": "17407",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17407"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-3258",
    "datePublished": "2005-10-20T04:00:00.000Z",
    "dateReserved": "2005-10-19T00:00:00.000Z",
    "dateUpdated": "2024-08-07T23:01:59.420Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-2917 (GCVE-0-2005-2917)

Vulnerability from cvelistv5 – Published: 2005-09-30 04:00 – Updated: 2024-08-07 22:53
VLAI?
Summary
Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.ubuntu.com/usn/usn-192-1/ vendor-advisoryx_refsource_UBUNTU
http://securitytracker.com/id?1014920 vdb-entryx_refsource_SECTRACK
ftp://patches.sgi.com/support/free/security/advis… vendor-advisoryx_refsource_SGI
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-20… vendor-advisoryx_refsource_SCO
http://secunia.com/advisories/16992 third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/14977 vdb-entryx_refsource_BID
http://www.osvdb.org/19607 vdb-entryx_refsource_OSVDB
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://fedoranews.org/updates/FEDORA--.shtml vendor-advisoryx_refsource_FEDORA
http://secunia.com/advisories/17050 third-party-advisoryx_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2006-00… vendor-advisoryx_refsource_REDHAT
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://secunia.com/advisories/19532 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/17177 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/19161 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/17015 third-party-advisoryx_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2006-00… vendor-advisoryx_refsource_REDHAT
http://www.debian.org/security/2005/dsa-828 vendor-advisoryx_refsource_DEBIAN
http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
Date Public ?
2005-09-30 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:53:29.996Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-192-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-192-1/"
          },
          {
            "name": "1014920",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1014920"
          },
          {
            "name": "20060401-01-U",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U"
          },
          {
            "name": "SCOSA-2005.49",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
          },
          {
            "name": "16992",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/16992"
          },
          {
            "name": "14977",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/14977"
          },
          {
            "name": "19607",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/19607"
          },
          {
            "name": "MDKSA-2005:181",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:181"
          },
          {
            "name": "squid-ntlm-authentication-dos(24282)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24282"
          },
          {
            "name": "FLSA-2006:152809",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA--.shtml"
          },
          {
            "name": "17050",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17050"
          },
          {
            "name": "RHSA-2006:0052",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0052.html"
          },
          {
            "name": "oval:org.mitre.oval:def:11580",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11580"
          },
          {
            "name": "19532",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19532"
          },
          {
            "name": "17177",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17177"
          },
          {
            "name": "19161",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19161"
          },
          {
            "name": "17015",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17015"
          },
          {
            "name": "RHSA-2006:0045",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0045.html"
          },
          {
            "name": "DSA-828",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-828"
          },
          {
            "name": "SUSE-SR:2005:027",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_27_sr.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-09-30T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "USN-192-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-192-1/"
        },
        {
          "name": "1014920",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1014920"
        },
        {
          "name": "20060401-01-U",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U"
        },
        {
          "name": "SCOSA-2005.49",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
        },
        {
          "name": "16992",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/16992"
        },
        {
          "name": "14977",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/14977"
        },
        {
          "name": "19607",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/19607"
        },
        {
          "name": "MDKSA-2005:181",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:181"
        },
        {
          "name": "squid-ntlm-authentication-dos(24282)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24282"
        },
        {
          "name": "FLSA-2006:152809",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA--.shtml"
        },
        {
          "name": "17050",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17050"
        },
        {
          "name": "RHSA-2006:0052",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0052.html"
        },
        {
          "name": "oval:org.mitre.oval:def:11580",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11580"
        },
        {
          "name": "19532",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19532"
        },
        {
          "name": "17177",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17177"
        },
        {
          "name": "19161",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19161"
        },
        {
          "name": "17015",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17015"
        },
        {
          "name": "RHSA-2006:0045",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0045.html"
        },
        {
          "name": "DSA-828",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-828"
        },
        {
          "name": "SUSE-SR:2005:027",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_27_sr.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-2917",
    "datePublished": "2005-09-30T04:00:00.000Z",
    "dateReserved": "2005-09-15T00:00:00.000Z",
    "dateUpdated": "2024-08-07T22:53:29.996Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-2794 (GCVE-0-2005-2794)

Vulnerability from cvelistv5 – Published: 2005-09-07 04:00 – Updated: 2024-08-07 22:45
VLAI?
Summary
store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
http://www.securityfocus.com/bid/14761 vdb-entryx_refsource_BID
http://www.debian.org/security/2005/dsa-809 vendor-advisoryx_refsource_DEBIAN
http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
http://fedoranews.org/updates/FEDORA--.shtml vendor-advisoryx_refsource_FEDORA
http://www.gentoo.org/security/en/glsa/glsa-20050… vendor-advisoryx_refsource_GENTOO
http://www.squid-cache.org/Versions/v2/2.5/bugs/#… x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2005-766.html vendor-advisoryx_refsource_REDHAT
http://secunia.com/advisories/17027 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/16977 third-party-advisoryx_refsource_SECUNIA
Date Public ?
2005-09-01 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:45:02.303Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:10276",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10276"
          },
          {
            "name": "MDKSA-2005:162",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:162"
          },
          {
            "name": "14761",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/14761"
          },
          {
            "name": "DSA-809",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-809"
          },
          {
            "name": "SUSE-SA:2005:053",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_53_squid.html"
          },
          {
            "name": "SUSE-SR:2005:021",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_21_sr.html"
          },
          {
            "name": "FLSA-2006:152809",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA--.shtml"
          },
          {
            "name": "GLSA-200509-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200509-06.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-STORE_PENDING"
          },
          {
            "name": "RHSA-2005:766",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-766.html"
          },
          {
            "name": "17027",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17027"
          },
          {
            "name": "16977",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/16977"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-09-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:10276",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10276"
        },
        {
          "name": "MDKSA-2005:162",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:162"
        },
        {
          "name": "14761",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/14761"
        },
        {
          "name": "DSA-809",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-809"
        },
        {
          "name": "SUSE-SA:2005:053",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_53_squid.html"
        },
        {
          "name": "SUSE-SR:2005:021",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_21_sr.html"
        },
        {
          "name": "FLSA-2006:152809",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA--.shtml"
        },
        {
          "name": "GLSA-200509-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200509-06.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-STORE_PENDING"
        },
        {
          "name": "RHSA-2005:766",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-766.html"
        },
        {
          "name": "17027",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17027"
        },
        {
          "name": "16977",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/16977"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-2794",
    "datePublished": "2005-09-07T04:00:00.000Z",
    "dateReserved": "2005-09-06T00:00:00.000Z",
    "dateUpdated": "2024-08-07T22:45:02.303Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-2796 (GCVE-0-2005-2796)

Vulnerability from cvelistv5 – Published: 2005-09-07 04:00 – Updated: 2024-08-07 22:45
VLAI?
Summary
The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.securityfocus.com/bid/14731 vdb-entryx_refsource_BID
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
http://securitytracker.com/id?1014846 vdb-entryx_refsource_SECTRACK
http://www.debian.org/security/2005/dsa-809 vendor-advisoryx_refsource_DEBIAN
http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
http://fedoranews.org/updates/FEDORA--.shtml vendor-advisoryx_refsource_FEDORA
http://www.gentoo.org/security/en/glsa/glsa-20050… vendor-advisoryx_refsource_GENTOO
http://www.squid-cache.org/Versions/v2/2.5/bugs/#… x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2005-766.html vendor-advisoryx_refsource_REDHAT
http://secunia.com/advisories/17027 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/16977 third-party-advisoryx_refsource_SECUNIA
Date Public ?
2005-09-02 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:45:02.280Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "14731",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/14731"
          },
          {
            "name": "oval:org.mitre.oval:def:10522",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10522"
          },
          {
            "name": "MDKSA-2005:162",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:162"
          },
          {
            "name": "1014846",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1014846"
          },
          {
            "name": "DSA-809",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-809"
          },
          {
            "name": "SUSE-SA:2005:053",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_53_squid.html"
          },
          {
            "name": "SUSE-SR:2005:021",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_21_sr.html"
          },
          {
            "name": "FLSA-2006:152809",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA--.shtml"
          },
          {
            "name": "GLSA-200509-06",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200509-06.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-sslConnectTimeout"
          },
          {
            "name": "RHSA-2005:766",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-766.html"
          },
          {
            "name": "17027",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17027"
          },
          {
            "name": "16977",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/16977"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-09-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "14731",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/14731"
        },
        {
          "name": "oval:org.mitre.oval:def:10522",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10522"
        },
        {
          "name": "MDKSA-2005:162",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:162"
        },
        {
          "name": "1014846",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1014846"
        },
        {
          "name": "DSA-809",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-809"
        },
        {
          "name": "SUSE-SA:2005:053",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_53_squid.html"
        },
        {
          "name": "SUSE-SR:2005:021",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_21_sr.html"
        },
        {
          "name": "FLSA-2006:152809",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA--.shtml"
        },
        {
          "name": "GLSA-200509-06",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200509-06.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-sslConnectTimeout"
        },
        {
          "name": "RHSA-2005:766",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-766.html"
        },
        {
          "name": "17027",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17027"
        },
        {
          "name": "16977",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/16977"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-2796",
    "datePublished": "2005-09-07T04:00:00.000Z",
    "dateReserved": "2005-09-06T00:00:00.000Z",
    "dateUpdated": "2024-08-07T22:45:02.280Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-1711 (GCVE-0-2005-1711)

Vulnerability from cvelistv5 – Published: 2005-05-24 04:00 – Updated: 2024-09-16 17:33
VLAI?
Summary
Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses from being detected.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://securitytracker.com/id?1014030 vdb-entryx_refsource_SECTRACK
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:59:24.199Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1014030",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1014030"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses from being detected."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2005-05-24T04:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1014030",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1014030"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-1711",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses from being detected."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1014030",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1014030"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-1711",
    "datePublished": "2005-05-24T04:00:00.000Z",
    "dateReserved": "2005-05-24T00:00:00.000Z",
    "dateUpdated": "2024-09-16T17:33:14.334Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-1519 (GCVE-0-2005-1519)

Vulnerability from cvelistv5 – Published: 2005-05-11 04:00 – Updated: 2024-08-07 21:51
VLAI?
Summary
Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.securityfocus.com/bid/13592 vdb-entryx_refsource_BID
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://www.redhat.com/archives/fedora-announce-li… vendor-advisoryx_refsource_FEDORA
http://secunia.com/advisories/15294 third-party-advisoryx_refsource_SECUNIA
http://fedoranews.org/updates/FEDORA--.shtml vendor-advisoryx_refsource_FEDORA
http://www.debian.org/security/2005/dsa-751 vendor-advisoryx_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2005-489.html vendor-advisoryx_refsource_REDHAT
http://www.vupen.com/english/advisories/2005/0521 vdb-entryx_refsource_VUPEN
http://www.squid-cache.org/Versions/v2/2.5/bugs/#… x_refsource_CONFIRM
Date Public ?
2005-05-11 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:51:50.272Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "13592",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/13592"
          },
          {
            "name": "oval:org.mitre.oval:def:9976",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9976"
          },
          {
            "name": "FEDORA-2005-373",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html"
          },
          {
            "name": "15294",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/15294"
          },
          {
            "name": "FLSA-2006:152809",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA--.shtml"
          },
          {
            "name": "DSA-751",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-751"
          },
          {
            "name": "RHSA-2005:489",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-489.html"
          },
          {
            "name": "ADV-2005-0521",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/0521"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-dns_query"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-05-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "13592",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/13592"
        },
        {
          "name": "oval:org.mitre.oval:def:9976",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9976"
        },
        {
          "name": "FEDORA-2005-373",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html"
        },
        {
          "name": "15294",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/15294"
        },
        {
          "name": "FLSA-2006:152809",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA--.shtml"
        },
        {
          "name": "DSA-751",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-751"
        },
        {
          "name": "RHSA-2005:489",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-489.html"
        },
        {
          "name": "ADV-2005-0521",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/0521"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-dns_query"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-1519",
    "datePublished": "2005-05-11T04:00:00.000Z",
    "dateReserved": "2005-05-11T00:00:00.000Z",
    "dateUpdated": "2024-08-07T21:51:50.272Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-1345 (GCVE-0-2005-1345)

Vulnerability from cvelistv5 – Published: 2005-04-28 04:00 – Updated: 2024-08-07 21:44
VLAI?
Summary
Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Date Public ?
2005-03-04 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:44:06.469Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FLSA-2006:152809",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA--.shtml"
          },
          {
            "name": "CLA-2005:948",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000948"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1255"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-acl_error"
          },
          {
            "name": "oval:org.mitre.oval:def:10513",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10513"
          },
          {
            "name": "RHSA-2005:415",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-415.html"
          },
          {
            "name": "DSA-721",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-721"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-03-04T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FLSA-2006:152809",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA--.shtml"
        },
        {
          "name": "CLA-2005:948",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000948"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1255"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-acl_error"
        },
        {
          "name": "oval:org.mitre.oval:def:10513",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10513"
        },
        {
          "name": "RHSA-2005:415",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-415.html"
        },
        {
          "name": "DSA-721",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-721"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-1345",
    "datePublished": "2005-04-28T04:00:00.000Z",
    "dateReserved": "2005-04-28T00:00:00.000Z",
    "dateUpdated": "2024-08-07T21:44:06.469Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0718 (GCVE-0-2005-0718)

Vulnerability from cvelistv5 – Published: 2005-03-12 05:00 – Updated: 2024-08-07 21:21
VLAI?
Summary
Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection during a (1) PUT or (2) POST request, which causes Squid to access previously freed memory.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.squid-cache.org/bugs/show_bug.cgi?id=1224 x_refsource_CONFIRM
http://www1.uk.squid-cache.org/Versions/v2/2.5/bu… x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/13166 vdb-entryx_refsource_BID
http://fedoranews.org/updates/FEDORA--.shtml vendor-advisoryx_refsource_FEDORA
http://secunia.com/advisories/12508 third-party-advisoryx_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2005-489.html vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/111-1/ vendor-advisoryx_refsource_UBUNTU
http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
http://www.redhat.com/support/errata/RHSA-2005-415.html vendor-advisoryx_refsource_REDHAT
Date Public ?
2005-02-04 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:21:06.764Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1224"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www1.uk.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-post"
          },
          {
            "name": "oval:org.mitre.oval:def:11562",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11562"
          },
          {
            "name": "squid-put-post-dos(19919)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19919"
          },
          {
            "name": "13166",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/13166"
          },
          {
            "name": "FLSA-2006:152809",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA--.shtml"
          },
          {
            "name": "12508",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/12508"
          },
          {
            "name": "RHSA-2005:489",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-489.html"
          },
          {
            "name": "USN-111-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/111-1/"
          },
          {
            "name": "CLA-2005:931",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000931"
          },
          {
            "name": "RHSA-2005:415",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-415.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-02-04T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection during a (1) PUT or (2) POST request, which causes Squid to access previously freed memory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-03T20:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1224"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www1.uk.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-post"
        },
        {
          "name": "oval:org.mitre.oval:def:11562",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11562"
        },
        {
          "name": "squid-put-post-dos(19919)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19919"
        },
        {
          "name": "13166",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/13166"
        },
        {
          "name": "FLSA-2006:152809",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA--.shtml"
        },
        {
          "name": "12508",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/12508"
        },
        {
          "name": "RHSA-2005:489",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-489.html"
        },
        {
          "name": "USN-111-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/111-1/"
        },
        {
          "name": "CLA-2005:931",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000931"
        },
        {
          "name": "RHSA-2005:415",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-415.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0718",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection during a (1) PUT or (2) POST request, which causes Squid to access previously freed memory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1224",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1224"
            },
            {
              "name": "http://www1.uk.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-post",
              "refsource": "CONFIRM",
              "url": "http://www1.uk.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-post"
            },
            {
              "name": "oval:org.mitre.oval:def:11562",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11562"
            },
            {
              "name": "squid-put-post-dos(19919)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19919"
            },
            {
              "name": "13166",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/13166"
            },
            {
              "name": "FLSA-2006:152809",
              "refsource": "FEDORA",
              "url": "http://fedoranews.org/updates/FEDORA--.shtml"
            },
            {
              "name": "12508",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/12508"
            },
            {
              "name": "RHSA-2005:489",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-489.html"
            },
            {
              "name": "USN-111-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/111-1/"
            },
            {
              "name": "CLA-2005:931",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000931"
            },
            {
              "name": "RHSA-2005:415",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-415.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0718",
    "datePublished": "2005-03-12T05:00:00.000Z",
    "dateReserved": "2005-03-12T00:00:00.000Z",
    "dateUpdated": "2024-08-07T21:21:06.764Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0626 (GCVE-0-2005-0626)

Vulnerability from cvelistv5 – Published: 2005-03-03 05:00 – Updated: 2024-08-07 21:21
VLAI?
Summary
Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows attackers to steal the related cookies.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.squid-cache.org/Versions/v2/2.5/bugs/#… x_refsource_CONFIRM
http://fedoranews.org/updates/FEDORA--.shtml vendor-advisoryx_refsource_FEDORA
http://www.securityfocus.com/bid/12716 vdb-entryx_refsource_BID
https://usn.ubuntu.com/93-1/ vendor-advisoryx_refsource_UBUNTU
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://www.redhat.com/support/errata/RHSA-2005-415.html vendor-advisoryx_refsource_REDHAT
Date Public ?
2005-03-02 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:21:06.476Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-setcookie"
          },
          {
            "name": "FLSA-2006:152809",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA--.shtml"
          },
          {
            "name": "12716",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12716"
          },
          {
            "name": "USN-93-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/93-1/"
          },
          {
            "name": "squid-set-cookie-race-condition(19581)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19581"
          },
          {
            "name": "oval:org.mitre.oval:def:11169",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11169"
          },
          {
            "name": "RHSA-2005:415",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-415.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-03-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows attackers to steal the related cookies."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-03T20:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-setcookie"
        },
        {
          "name": "FLSA-2006:152809",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA--.shtml"
        },
        {
          "name": "12716",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12716"
        },
        {
          "name": "USN-93-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/93-1/"
        },
        {
          "name": "squid-set-cookie-race-condition(19581)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19581"
        },
        {
          "name": "oval:org.mitre.oval:def:11169",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11169"
        },
        {
          "name": "RHSA-2005:415",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-415.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-0626",
    "datePublished": "2005-03-03T05:00:00.000Z",
    "dateReserved": "2005-03-03T00:00:00.000Z",
    "dateUpdated": "2024-08-07T21:21:06.476Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0446 (GCVE-0-2005-0446)

Vulnerability from cvelistv5 – Published: 2005-02-15 05:00 – Updated: 2024-08-07 21:13
VLAI?
Summary
Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Date Public ?
2005-02-13 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:13:54.267Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20050221 [USN-84-1] Squid vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110901183320453\u0026w=2"
          },
          {
            "name": "GLSA-200502-25",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-25.xml"
          },
          {
            "name": "14271",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/14271"
          },
          {
            "name": "squid-xstrndup-dos(19332)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19332"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE8-dns_assert.patch"
          },
          {
            "name": "RHSA-2005:201",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-201.html"
          },
          {
            "name": "12551",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12551"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE8-dns_assert"
          },
          {
            "name": "FLSA-2006:152809",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA--.shtml"
          },
          {
            "name": "DSA-688",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-688"
          },
          {
            "name": "RHSA-2005:173",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-173.html"
          },
          {
            "name": "oval:org.mitre.oval:def:11264",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11264"
          },
          {
            "name": "CLA-2005:931",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000931"
          },
          {
            "name": "MDKSA-2005:047",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:047"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-02-13T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20050221 [USN-84-1] Squid vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110901183320453\u0026w=2"
        },
        {
          "name": "GLSA-200502-25",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-25.xml"
        },
        {
          "name": "14271",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/14271"
        },
        {
          "name": "squid-xstrndup-dos(19332)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19332"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE8-dns_assert.patch"
        },
        {
          "name": "RHSA-2005:201",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-201.html"
        },
        {
          "name": "12551",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12551"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE8-dns_assert"
        },
        {
          "name": "FLSA-2006:152809",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA--.shtml"
        },
        {
          "name": "DSA-688",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-688"
        },
        {
          "name": "RHSA-2005:173",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-173.html"
        },
        {
          "name": "oval:org.mitre.oval:def:11264",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11264"
        },
        {
          "name": "CLA-2005:931",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000931"
        },
        {
          "name": "MDKSA-2005:047",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:047"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0446",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20050221 [USN-84-1] Squid vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=110901183320453\u0026w=2"
            },
            {
              "name": "GLSA-200502-25",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-25.xml"
            },
            {
              "name": "14271",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/14271"
            },
            {
              "name": "squid-xstrndup-dos(19332)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19332"
            },
            {
              "name": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE8-dns_assert.patch",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE8-dns_assert.patch"
            },
            {
              "name": "RHSA-2005:201",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-201.html"
            },
            {
              "name": "12551",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12551"
            },
            {
              "name": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE8-dns_assert",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE8-dns_assert"
            },
            {
              "name": "FLSA-2006:152809",
              "refsource": "FEDORA",
              "url": "http://fedoranews.org/updates/FEDORA--.shtml"
            },
            {
              "name": "DSA-688",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-688"
            },
            {
              "name": "RHSA-2005:173",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-173.html"
            },
            {
              "name": "oval:org.mitre.oval:def:11264",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11264"
            },
            {
              "name": "CLA-2005:931",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000931"
            },
            {
              "name": "MDKSA-2005:047",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:047"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0446",
    "datePublished": "2005-02-15T05:00:00.000Z",
    "dateReserved": "2005-02-16T00:00:00.000Z",
    "dateUpdated": "2024-08-07T21:13:54.267Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0241 (GCVE-0-2005-0241)

Vulnerability from cvelistv5 – Published: 2005-02-08 05:00 – Updated: 2024-08-07 21:05
VLAI?
Summary
The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling "oversized" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Date Public ?
2005-01-31 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:05:25.387Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "14091",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/14091"
          },
          {
            "name": "VU#823350",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/823350"
          },
          {
            "name": "12412",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12412"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1216"
          },
          {
            "name": "oval:org.mitre.oval:def:10998",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10998"
          },
          {
            "name": "FLSA-2006:152809",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA--.shtml"
          },
          {
            "name": "RHSA-2005:061",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
          },
          {
            "name": "squid-http-cache-poisoning(19060)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19060"
          },
          {
            "name": "CLA-2005:931",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000931"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-oversize_reply_headers"
          },
          {
            "name": "SUSE-SA:2005:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
          },
          {
            "name": "RHSA-2005:060",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers.patch"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-31T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling \"oversized\" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01.000Z",
        "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "shortName": "debian"
      },
      "references": [
        {
          "name": "14091",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/14091"
        },
        {
          "name": "VU#823350",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/823350"
        },
        {
          "name": "12412",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12412"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1216"
        },
        {
          "name": "oval:org.mitre.oval:def:10998",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10998"
        },
        {
          "name": "FLSA-2006:152809",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA--.shtml"
        },
        {
          "name": "RHSA-2005:061",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
        },
        {
          "name": "squid-http-cache-poisoning(19060)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19060"
        },
        {
          "name": "CLA-2005:931",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000931"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-oversize_reply_headers"
        },
        {
          "name": "SUSE-SA:2005:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
        },
        {
          "name": "RHSA-2005:060",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers.patch"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@debian.org",
          "ID": "CVE-2005-0241",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling \"oversized\" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "14091",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/14091"
            },
            {
              "name": "VU#823350",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/823350"
            },
            {
              "name": "12412",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12412"
            },
            {
              "name": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1216",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1216"
            },
            {
              "name": "oval:org.mitre.oval:def:10998",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10998"
            },
            {
              "name": "FLSA-2006:152809",
              "refsource": "FEDORA",
              "url": "http://fedoranews.org/updates/FEDORA--.shtml"
            },
            {
              "name": "RHSA-2005:061",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
            },
            {
              "name": "squid-http-cache-poisoning(19060)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19060"
            },
            {
              "name": "CLA-2005:931",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000931"
            },
            {
              "name": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-oversize_reply_headers",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-oversize_reply_headers"
            },
            {
              "name": "SUSE-SA:2005:006",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
            },
            {
              "name": "RHSA-2005:060",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
            },
            {
              "name": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers.patch",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers.patch"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
    "assignerShortName": "debian",
    "cveId": "CVE-2005-0241",
    "datePublished": "2005-02-08T05:00:00.000Z",
    "dateReserved": "2005-02-08T00:00:00.000Z",
    "dateUpdated": "2024-08-07T21:05:25.387Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0173 (GCVE-0-2005-0173)

Vulnerability from cvelistv5 – Published: 2005-02-06 05:00 – Updated: 2024-08-07 21:05
VLAI?
Summary
squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Date Public ?
2005-01-26 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:05:25.253Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "CLA-2005:923",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
          },
          {
            "name": "VU#924198",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/924198"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-ldap_spaces.patch"
          },
          {
            "name": "12431",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12431"
          },
          {
            "name": "oval:org.mitre.oval:def:10251",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10251"
          },
          {
            "name": "FLSA-2006:152809",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA--.shtml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-ldap_spaces"
          },
          {
            "name": "RHSA-2005:061",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
          },
          {
            "name": "MDKSA-2005:034",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:034"
          },
          {
            "name": "DSA-667",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-667"
          },
          {
            "name": "20050207 [USN-77-1] Squid vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110780531820947\u0026w=2"
          },
          {
            "name": "SUSE-SA:2005:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
          },
          {
            "name": "RHSA-2005:060",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1187"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-26T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "CLA-2005:923",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
        },
        {
          "name": "VU#924198",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/924198"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-ldap_spaces.patch"
        },
        {
          "name": "12431",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12431"
        },
        {
          "name": "oval:org.mitre.oval:def:10251",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10251"
        },
        {
          "name": "FLSA-2006:152809",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA--.shtml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-ldap_spaces"
        },
        {
          "name": "RHSA-2005:061",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
        },
        {
          "name": "MDKSA-2005:034",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:034"
        },
        {
          "name": "DSA-667",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-667"
        },
        {
          "name": "20050207 [USN-77-1] Squid vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110780531820947\u0026w=2"
        },
        {
          "name": "SUSE-SA:2005:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
        },
        {
          "name": "RHSA-2005:060",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1187"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0173",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "CLA-2005:923",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
            },
            {
              "name": "VU#924198",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/924198"
            },
            {
              "name": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-ldap_spaces.patch",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-ldap_spaces.patch"
            },
            {
              "name": "12431",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12431"
            },
            {
              "name": "oval:org.mitre.oval:def:10251",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10251"
            },
            {
              "name": "FLSA-2006:152809",
              "refsource": "FEDORA",
              "url": "http://fedoranews.org/updates/FEDORA--.shtml"
            },
            {
              "name": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-ldap_spaces",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-ldap_spaces"
            },
            {
              "name": "RHSA-2005:061",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
            },
            {
              "name": "MDKSA-2005:034",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:034"
            },
            {
              "name": "DSA-667",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-667"
            },
            {
              "name": "20050207 [USN-77-1] Squid vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=110780531820947\u0026w=2"
            },
            {
              "name": "SUSE-SA:2005:006",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
            },
            {
              "name": "RHSA-2005:060",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
            },
            {
              "name": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1187",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1187"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0173",
    "datePublished": "2005-02-06T05:00:00.000Z",
    "dateReserved": "2005-01-27T00:00:00.000Z",
    "dateUpdated": "2024-08-07T21:05:25.253Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0175 (GCVE-0-2005-0175)

Vulnerability from cvelistv5 – Published: 2005-02-06 05:00 – Updated: 2024-08-07 21:05
VLAI?
Summary
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.squid-cache.org/Versions/v2/2.5/bugs/#… x_refsource_CONFIRM
http://www.redhat.com/archives/fedora-announce-li… vendor-advisoryx_refsource_FEDORA
http://fedoranews.org/updates/FEDORA--.shtml vendor-advisoryx_refsource_FEDORA
http://www.squid-cache.org/Advisories/SQUID-2005_5.txt x_refsource_CONFIRM
http://www.kb.cert.org/vuls/id/625878 third-party-advisoryx_refsource_CERT-VN
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://www.securityfocus.com/bid/12433 vdb-entryx_refsource_BID
http://www.redhat.com/support/errata/RHSA-2005-061.html vendor-advisoryx_refsource_REDHAT
http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
http://www.debian.org/security/2005/dsa-667 vendor-advisoryx_refsource_DEBIAN
http://marc.info/?l=bugtraq&m=110780531820947&w=2 mailing-listx_refsource_BUGTRAQ
http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
http://www.redhat.com/support/errata/RHSA-2005-060.html vendor-advisoryx_refsource_REDHAT
Date Public ?
2005-01-31 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:05:25.487Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting"
          },
          {
            "name": "FEDORA-2005-373",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html"
          },
          {
            "name": "FLSA-2006:152809",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA--.shtml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Advisories/SQUID-2005_5.txt"
          },
          {
            "name": "VU#625878",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/625878"
          },
          {
            "name": "oval:org.mitre.oval:def:11605",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11605"
          },
          {
            "name": "12433",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12433"
          },
          {
            "name": "RHSA-2005:061",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
          },
          {
            "name": "CLA-2005:931",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000931"
          },
          {
            "name": "MDKSA-2005:034",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:034"
          },
          {
            "name": "DSA-667",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-667"
          },
          {
            "name": "20050207 [USN-77-1] Squid vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110780531820947\u0026w=2"
          },
          {
            "name": "SUSE-SA:2005:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
          },
          {
            "name": "RHSA-2005:060",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-31T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting"
        },
        {
          "name": "FEDORA-2005-373",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html"
        },
        {
          "name": "FLSA-2006:152809",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA--.shtml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Advisories/SQUID-2005_5.txt"
        },
        {
          "name": "VU#625878",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/625878"
        },
        {
          "name": "oval:org.mitre.oval:def:11605",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11605"
        },
        {
          "name": "12433",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12433"
        },
        {
          "name": "RHSA-2005:061",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
        },
        {
          "name": "CLA-2005:931",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000931"
        },
        {
          "name": "MDKSA-2005:034",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:034"
        },
        {
          "name": "DSA-667",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-667"
        },
        {
          "name": "20050207 [USN-77-1] Squid vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110780531820947\u0026w=2"
        },
        {
          "name": "SUSE-SA:2005:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
        },
        {
          "name": "RHSA-2005:060",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0175",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting"
            },
            {
              "name": "FEDORA-2005-373",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html"
            },
            {
              "name": "FLSA-2006:152809",
              "refsource": "FEDORA",
              "url": "http://fedoranews.org/updates/FEDORA--.shtml"
            },
            {
              "name": "http://www.squid-cache.org/Advisories/SQUID-2005_5.txt",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Advisories/SQUID-2005_5.txt"
            },
            {
              "name": "VU#625878",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/625878"
            },
            {
              "name": "oval:org.mitre.oval:def:11605",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11605"
            },
            {
              "name": "12433",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12433"
            },
            {
              "name": "RHSA-2005:061",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
            },
            {
              "name": "CLA-2005:931",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000931"
            },
            {
              "name": "MDKSA-2005:034",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:034"
            },
            {
              "name": "DSA-667",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-667"
            },
            {
              "name": "20050207 [USN-77-1] Squid vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=110780531820947\u0026w=2"
            },
            {
              "name": "SUSE-SA:2005:006",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
            },
            {
              "name": "RHSA-2005:060",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0175",
    "datePublished": "2005-02-06T05:00:00.000Z",
    "dateReserved": "2005-01-27T00:00:00.000Z",
    "dateUpdated": "2024-08-07T21:05:25.487Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0174 (GCVE-0-2005-0174)

Vulnerability from cvelistv5 – Published: 2005-02-06 05:00 – Updated: 2024-08-07 21:05
VLAI?
Summary
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters that are not part of a CRLF pair, and (3) header names containing whitespace characters.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Date Public ?
2005-01-25 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:05:25.615Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2005-373",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-header_parsing"
          },
          {
            "name": "12412",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12412"
          },
          {
            "name": "FLSA-2006:152809",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA--.shtml"
          },
          {
            "name": "VU#768702",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/768702"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www3.br.squid-cache.org/Advisories/SQUID-2005_4.txt"
          },
          {
            "name": "RHSA-2005:061",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
          },
          {
            "name": "CLA-2005:931",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000931"
          },
          {
            "name": "oval:org.mitre.oval:def:10656",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10656"
          },
          {
            "name": "MDKSA-2005:034",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:034"
          },
          {
            "name": "20050207 [USN-77-1] Squid vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110780531820947\u0026w=2"
          },
          {
            "name": "SUSE-SA:2005:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
          },
          {
            "name": "RHSA-2005:060",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters that are not part of a CRLF pair, and (3) header names containing whitespace characters."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "FEDORA-2005-373",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-header_parsing"
        },
        {
          "name": "12412",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12412"
        },
        {
          "name": "FLSA-2006:152809",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA--.shtml"
        },
        {
          "name": "VU#768702",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/768702"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www3.br.squid-cache.org/Advisories/SQUID-2005_4.txt"
        },
        {
          "name": "RHSA-2005:061",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
        },
        {
          "name": "CLA-2005:931",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000931"
        },
        {
          "name": "oval:org.mitre.oval:def:10656",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10656"
        },
        {
          "name": "MDKSA-2005:034",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:034"
        },
        {
          "name": "20050207 [USN-77-1] Squid vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110780531820947\u0026w=2"
        },
        {
          "name": "SUSE-SA:2005:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
        },
        {
          "name": "RHSA-2005:060",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0174",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters that are not part of a CRLF pair, and (3) header names containing whitespace characters."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "FEDORA-2005-373",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html"
            },
            {
              "name": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-header_parsing",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-header_parsing"
            },
            {
              "name": "12412",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12412"
            },
            {
              "name": "FLSA-2006:152809",
              "refsource": "FEDORA",
              "url": "http://fedoranews.org/updates/FEDORA--.shtml"
            },
            {
              "name": "VU#768702",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/768702"
            },
            {
              "name": "http://www3.br.squid-cache.org/Advisories/SQUID-2005_4.txt",
              "refsource": "CONFIRM",
              "url": "http://www3.br.squid-cache.org/Advisories/SQUID-2005_4.txt"
            },
            {
              "name": "RHSA-2005:061",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
            },
            {
              "name": "CLA-2005:931",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000931"
            },
            {
              "name": "oval:org.mitre.oval:def:10656",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10656"
            },
            {
              "name": "MDKSA-2005:034",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:034"
            },
            {
              "name": "20050207 [USN-77-1] Squid vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=110780531820947\u0026w=2"
            },
            {
              "name": "SUSE-SA:2005:006",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
            },
            {
              "name": "RHSA-2005:060",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0174",
    "datePublished": "2005-02-06T05:00:00.000Z",
    "dateReserved": "2005-01-27T00:00:00.000Z",
    "dateUpdated": "2024-08-07T21:05:25.615Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0194 (GCVE-0-2005-0194)

Vulnerability from cvelistv5 – Published: 2005-02-06 05:00 – Updated: 2024-08-07 21:05
VLAI?
Summary
Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warnings.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Date Public ?
2005-01-26 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:05:24.953Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "CLA-2005:923",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-empty_acls"
          },
          {
            "name": "20050221 [USN-84-1] Squid vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110901183320453\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-empty_acls.patch"
          },
          {
            "name": "FLSA-2006:152809",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA--.shtml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1166"
          },
          {
            "name": "DSA-667",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-667"
          },
          {
            "name": "VU#260421",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/260421"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-26T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warnings."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "CLA-2005:923",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-empty_acls"
        },
        {
          "name": "20050221 [USN-84-1] Squid vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110901183320453\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-empty_acls.patch"
        },
        {
          "name": "FLSA-2006:152809",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA--.shtml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1166"
        },
        {
          "name": "DSA-667",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-667"
        },
        {
          "name": "VU#260421",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/260421"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0194",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warnings."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "CLA-2005:923",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
            },
            {
              "name": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-empty_acls",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-empty_acls"
            },
            {
              "name": "20050221 [USN-84-1] Squid vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=110901183320453\u0026w=2"
            },
            {
              "name": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-empty_acls.patch",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-empty_acls.patch"
            },
            {
              "name": "FLSA-2006:152809",
              "refsource": "FEDORA",
              "url": "http://fedoranews.org/updates/FEDORA--.shtml"
            },
            {
              "name": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1166",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1166"
            },
            {
              "name": "DSA-667",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-667"
            },
            {
              "name": "VU#260421",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/260421"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0194",
    "datePublished": "2005-02-06T05:00:00.000Z",
    "dateReserved": "2005-01-31T00:00:00.000Z",
    "dateUpdated": "2024-08-07T21:05:24.953Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0095 (GCVE-0-2005-0095)

Vulnerability from cvelistv5 – Published: 2005-01-19 05:00 – Updated: 2024-08-07 20:57
VLAI?
Summary
The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU cache numbers.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
http://www.trustix.org/errata/2005/0003/ vendor-advisoryx_refsource_TRUSTIX
http://www.securityfocus.com/bid/12275 vdb-entryx_refsource_BID
http://www.osvdb.org/12886 vdb-entryx_refsource_OSVDB
http://fedoranews.org/updates/FEDORA--.shtml vendor-advisoryx_refsource_FEDORA
http://security.gentoo.org/glsa/glsa-200501-25.xml vendor-advisoryx_refsource_GENTOO
http://www.debian.org/security/2005/dsa-651 vendor-advisoryx_refsource_DEBIAN
http://www.squid-cache.org/Versions/v2/2.5/bugs/s… x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://www.squid-cache.org/Advisories/SQUID-2005_2.txt x_refsource_CONFIRM
http://securitytracker.com/id?1012882 vdb-entryx_refsource_SECTRACK
http://www.redhat.com/support/errata/RHSA-2005-061.html vendor-advisoryx_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
http://www.redhat.com/support/errata/RHSA-2005-060.html vendor-advisoryx_refsource_REDHAT
http://secunia.com/advisories/13825 third-party-advisoryx_refsource_SECUNIA
Date Public ?
2005-01-15 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:41.094Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "CLA-2005:923",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
          },
          {
            "name": "2005-0003",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2005/0003/"
          },
          {
            "name": "12275",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12275"
          },
          {
            "name": "12886",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/12886"
          },
          {
            "name": "FLSA-2006:152809",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA--.shtml"
          },
          {
            "name": "GLSA-200501-25",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200501-25.xml"
          },
          {
            "name": "DSA-651",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-651"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_denial_of_service.patch"
          },
          {
            "name": "oval:org.mitre.oval:def:10269",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10269"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Advisories/SQUID-2005_2.txt"
          },
          {
            "name": "1012882",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1012882"
          },
          {
            "name": "RHSA-2005:061",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
          },
          {
            "name": "MDKSA-2005:014",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:014"
          },
          {
            "name": "SUSE-SA:2005:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
          },
          {
            "name": "RHSA-2005:060",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
          },
          {
            "name": "13825",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/13825"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid\u0027s home router and invalid WCCP_I_SEE_YOU cache numbers."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "CLA-2005:923",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
        },
        {
          "name": "2005-0003",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2005/0003/"
        },
        {
          "name": "12275",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12275"
        },
        {
          "name": "12886",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/12886"
        },
        {
          "name": "FLSA-2006:152809",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA--.shtml"
        },
        {
          "name": "GLSA-200501-25",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200501-25.xml"
        },
        {
          "name": "DSA-651",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-651"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_denial_of_service.patch"
        },
        {
          "name": "oval:org.mitre.oval:def:10269",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10269"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Advisories/SQUID-2005_2.txt"
        },
        {
          "name": "1012882",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1012882"
        },
        {
          "name": "RHSA-2005:061",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
        },
        {
          "name": "MDKSA-2005:014",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:014"
        },
        {
          "name": "SUSE-SA:2005:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
        },
        {
          "name": "RHSA-2005:060",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
        },
        {
          "name": "13825",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/13825"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0095",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid\u0027s home router and invalid WCCP_I_SEE_YOU cache numbers."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "CLA-2005:923",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
            },
            {
              "name": "2005-0003",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2005/0003/"
            },
            {
              "name": "12275",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12275"
            },
            {
              "name": "12886",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/12886"
            },
            {
              "name": "FLSA-2006:152809",
              "refsource": "FEDORA",
              "url": "http://fedoranews.org/updates/FEDORA--.shtml"
            },
            {
              "name": "GLSA-200501-25",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200501-25.xml"
            },
            {
              "name": "DSA-651",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-651"
            },
            {
              "name": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_denial_of_service.patch",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_denial_of_service.patch"
            },
            {
              "name": "oval:org.mitre.oval:def:10269",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10269"
            },
            {
              "name": "http://www.squid-cache.org/Advisories/SQUID-2005_2.txt",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Advisories/SQUID-2005_2.txt"
            },
            {
              "name": "1012882",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1012882"
            },
            {
              "name": "RHSA-2005:061",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
            },
            {
              "name": "MDKSA-2005:014",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:014"
            },
            {
              "name": "SUSE-SA:2005:006",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
            },
            {
              "name": "RHSA-2005:060",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
            },
            {
              "name": "13825",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/13825"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0095",
    "datePublished": "2005-01-19T05:00:00.000Z",
    "dateReserved": "2005-01-18T00:00:00.000Z",
    "dateUpdated": "2024-08-07T20:57:41.094Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0094 (GCVE-0-2005-0094)

Vulnerability from cvelistv5 – Published: 2005-01-19 05:00 – Updated: 2024-08-07 20:57
VLAI?
Summary
Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://www.trustix.org/errata/2005/0003/ vendor-advisoryx_refsource_TRUSTIX
http://www.squid-cache.org/Advisories/SQUID-2005_1.txt x_refsource_CONFIRM
http://fedoranews.org/updates/FEDORA--.shtml vendor-advisoryx_refsource_FEDORA
http://www.securityfocus.com/bid/12276 vdb-entryx_refsource_BID
http://security.gentoo.org/glsa/glsa-200501-25.xml vendor-advisoryx_refsource_GENTOO
http://www.debian.org/security/2005/dsa-651 vendor-advisoryx_refsource_DEBIAN
http://www.redhat.com/support/errata/RHSA-2005-061.html vendor-advisoryx_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
http://www.redhat.com/support/errata/RHSA-2005-060.html vendor-advisoryx_refsource_REDHAT
http://secunia.com/advisories/13825 third-party-advisoryx_refsource_SECUNIA
http://www.squid-cache.org/Versions/v2/2.5/bugs/s… x_refsource_CONFIRM
Date Public ?
2005-01-15 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:40.881Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "CLA-2005:923",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
          },
          {
            "name": "oval:org.mitre.oval:def:11146",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11146"
          },
          {
            "name": "2005-0003",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2005/0003/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Advisories/SQUID-2005_1.txt"
          },
          {
            "name": "FLSA-2006:152809",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA--.shtml"
          },
          {
            "name": "12276",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12276"
          },
          {
            "name": "GLSA-200501-25",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200501-25.xml"
          },
          {
            "name": "DSA-651",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-651"
          },
          {
            "name": "RHSA-2005:061",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
          },
          {
            "name": "MDKSA-2005:014",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:014"
          },
          {
            "name": "SUSE-SA:2005:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
          },
          {
            "name": "RHSA-2005:060",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
          },
          {
            "name": "13825",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/13825"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-gopher_html_parsing.patch"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "CLA-2005:923",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
        },
        {
          "name": "oval:org.mitre.oval:def:11146",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11146"
        },
        {
          "name": "2005-0003",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2005/0003/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Advisories/SQUID-2005_1.txt"
        },
        {
          "name": "FLSA-2006:152809",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA--.shtml"
        },
        {
          "name": "12276",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12276"
        },
        {
          "name": "GLSA-200501-25",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200501-25.xml"
        },
        {
          "name": "DSA-651",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-651"
        },
        {
          "name": "RHSA-2005:061",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
        },
        {
          "name": "MDKSA-2005:014",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:014"
        },
        {
          "name": "SUSE-SA:2005:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
        },
        {
          "name": "RHSA-2005:060",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
        },
        {
          "name": "13825",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/13825"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-gopher_html_parsing.patch"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0094",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "CLA-2005:923",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
            },
            {
              "name": "oval:org.mitre.oval:def:11146",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11146"
            },
            {
              "name": "2005-0003",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2005/0003/"
            },
            {
              "name": "http://www.squid-cache.org/Advisories/SQUID-2005_1.txt",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Advisories/SQUID-2005_1.txt"
            },
            {
              "name": "FLSA-2006:152809",
              "refsource": "FEDORA",
              "url": "http://fedoranews.org/updates/FEDORA--.shtml"
            },
            {
              "name": "12276",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12276"
            },
            {
              "name": "GLSA-200501-25",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200501-25.xml"
            },
            {
              "name": "DSA-651",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2005/dsa-651"
            },
            {
              "name": "RHSA-2005:061",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
            },
            {
              "name": "MDKSA-2005:014",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:014"
            },
            {
              "name": "SUSE-SA:2005:006",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
            },
            {
              "name": "RHSA-2005:060",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
            },
            {
              "name": "13825",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/13825"
            },
            {
              "name": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-gopher_html_parsing.patch",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-gopher_html_parsing.patch"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0094",
    "datePublished": "2005-01-19T05:00:00.000Z",
    "dateReserved": "2005-01-18T00:00:00.000Z",
    "dateUpdated": "2024-08-07T20:57:40.881Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0097 (GCVE-0-2005-0097)

Vulnerability from cvelistv5 – Published: 2005-01-19 05:00 – Updated: 2024-08-07 20:57
VLAI?
Summary
The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.squid-cache.org/Versions/v2/2.5/bugs/#… x_refsource_CONFIRM
http://www.trustix.org/errata/2005/0003/ vendor-advisoryx_refsource_TRUSTIX
http://fedoranews.org/updates/FEDORA--.shtml vendor-advisoryx_refsource_FEDORA
http://securitytracker.com/id?1012818 vdb-entryx_refsource_SECTRACK
http://security.gentoo.org/glsa/glsa-200501-25.xml vendor-advisoryx_refsource_GENTOO
http://www.redhat.com/support/errata/RHSA-2005-061.html vendor-advisoryx_refsource_REDHAT
http://secunia.com/advisories/13789 third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/12220 vdb-entryx_refsource_BID
http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
http://www.redhat.com/support/errata/RHSA-2005-060.html vendor-advisoryx_refsource_REDHAT
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
Date Public ?
2005-01-08 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:40.874Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth"
          },
          {
            "name": "2005-0003",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2005/0003/"
          },
          {
            "name": "FLSA-2006:152809",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA--.shtml"
          },
          {
            "name": "1012818",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1012818"
          },
          {
            "name": "GLSA-200501-25",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200501-25.xml"
          },
          {
            "name": "RHSA-2005:061",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
          },
          {
            "name": "13789",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/13789"
          },
          {
            "name": "12220",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12220"
          },
          {
            "name": "SUSE-SA:2005:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
          },
          {
            "name": "RHSA-2005:060",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
          },
          {
            "name": "oval:org.mitre.oval:def:11646",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11646"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-08T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth"
        },
        {
          "name": "2005-0003",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2005/0003/"
        },
        {
          "name": "FLSA-2006:152809",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA--.shtml"
        },
        {
          "name": "1012818",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1012818"
        },
        {
          "name": "GLSA-200501-25",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200501-25.xml"
        },
        {
          "name": "RHSA-2005:061",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
        },
        {
          "name": "13789",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/13789"
        },
        {
          "name": "12220",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12220"
        },
        {
          "name": "SUSE-SA:2005:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
        },
        {
          "name": "RHSA-2005:060",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
        },
        {
          "name": "oval:org.mitre.oval:def:11646",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11646"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0097",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth"
            },
            {
              "name": "2005-0003",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2005/0003/"
            },
            {
              "name": "FLSA-2006:152809",
              "refsource": "FEDORA",
              "url": "http://fedoranews.org/updates/FEDORA--.shtml"
            },
            {
              "name": "1012818",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1012818"
            },
            {
              "name": "GLSA-200501-25",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200501-25.xml"
            },
            {
              "name": "RHSA-2005:061",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
            },
            {
              "name": "13789",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/13789"
            },
            {
              "name": "12220",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12220"
            },
            {
              "name": "SUSE-SA:2005:006",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
            },
            {
              "name": "RHSA-2005:060",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
            },
            {
              "name": "oval:org.mitre.oval:def:11646",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11646"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0097",
    "datePublished": "2005-01-19T05:00:00.000Z",
    "dateReserved": "2005-01-18T00:00:00.000Z",
    "dateUpdated": "2024-08-07T20:57:40.874Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2005-0096 (GCVE-0-2005-0096)

Vulnerability from cvelistv5 – Published: 2005-01-19 05:00 – Updated: 2024-08-07 20:57
VLAI?
Summary
Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory consumption).
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
http://www.squid-cache.org/Versions/v2/2.5/bugs/#… x_refsource_CONFIRM
http://www.securityfocus.com/bid/12324 vdb-entryx_refsource_BID
http://www.trustix.org/errata/2005/0003/ vendor-advisoryx_refsource_TRUSTIX
http://fedoranews.org/updates/FEDORA--.shtml vendor-advisoryx_refsource_FEDORA
http://securitytracker.com/id?1012818 vdb-entryx_refsource_SECTRACK
http://security.gentoo.org/glsa/glsa-200501-25.xml vendor-advisoryx_refsource_GENTOO
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://www.redhat.com/support/errata/RHSA-2005-061.html vendor-advisoryx_refsource_REDHAT
http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
http://www.redhat.com/support/errata/RHSA-2005-060.html vendor-advisoryx_refsource_REDHAT
Date Public ?
2005-01-08 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:57:40.837Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "CLA-2005:923",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth"
          },
          {
            "name": "12324",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12324"
          },
          {
            "name": "2005-0003",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2005/0003/"
          },
          {
            "name": "FLSA-2006:152809",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA--.shtml"
          },
          {
            "name": "1012818",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1012818"
          },
          {
            "name": "GLSA-200501-25",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200501-25.xml"
          },
          {
            "name": "oval:org.mitre.oval:def:10233",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10233"
          },
          {
            "name": "RHSA-2005:061",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
          },
          {
            "name": "SUSE-SA:2005:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
          },
          {
            "name": "RHSA-2005:060",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-08T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory consumption)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "CLA-2005:923",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth"
        },
        {
          "name": "12324",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12324"
        },
        {
          "name": "2005-0003",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2005/0003/"
        },
        {
          "name": "FLSA-2006:152809",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA--.shtml"
        },
        {
          "name": "1012818",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1012818"
        },
        {
          "name": "GLSA-200501-25",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200501-25.xml"
        },
        {
          "name": "oval:org.mitre.oval:def:10233",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10233"
        },
        {
          "name": "RHSA-2005:061",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
        },
        {
          "name": "SUSE-SA:2005:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
        },
        {
          "name": "RHSA-2005:060",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0096",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory consumption)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "CLA-2005:923",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
            },
            {
              "name": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth"
            },
            {
              "name": "12324",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12324"
            },
            {
              "name": "2005-0003",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2005/0003/"
            },
            {
              "name": "FLSA-2006:152809",
              "refsource": "FEDORA",
              "url": "http://fedoranews.org/updates/FEDORA--.shtml"
            },
            {
              "name": "1012818",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1012818"
            },
            {
              "name": "GLSA-200501-25",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200501-25.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:10233",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10233"
            },
            {
              "name": "RHSA-2005:061",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"
            },
            {
              "name": "SUSE-SA:2005:006",
              "refsource": "SUSE",
              "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"
            },
            {
              "name": "RHSA-2005:060",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0096",
    "datePublished": "2005-01-19T05:00:00.000Z",
    "dateReserved": "2005-01-18T00:00:00.000Z",
    "dateUpdated": "2024-08-07T20:57:40.837Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-0918 (GCVE-0-2004-0918)

Vulnerability from cvelistv5 – Published: 2004-10-21 04:00 – Updated: 2024-08-08 00:31
VLAI?
Summary
The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
http://www.securityfocus.com/bid/11385 vdb-entryx_refsource_BID
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005… vendor-advisoryx_refsource_SCO
http://www.redhat.com/support/errata/RHSA-2004-591.html vendor-advisoryx_refsource_REDHAT
http://www.idefense.com/application/poi/display?i… third-party-advisoryx_refsource_IDEFENSE
http://www.squid-cache.org/Advisories/SQUID-2004_3.txt x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
http://www.vupen.com/english/advisories/2008/1969… vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/30967 third-party-advisoryx_refsource_SECUNIA
http://fedoranews.org/updates/FEDORA--.shtml vendor-advisoryx_refsource_FEDORA
http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
http://marc.info/?l=bugtraq&m=109913064629327&w=2 vendor-advisoryx_refsource_OPENPKG
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://secunia.com/advisories/30914 third-party-advisoryx_refsource_SECUNIA
http://www.squid-cache.org/Advisories/SQUID-2008_1.txt x_refsource_CONFIRM
http://www.gentoo.org/security/en/glsa/glsa-20041… vendor-advisoryx_refsource_GENTOO
Date Public ?
2004-10-11 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:31:48.079Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "CLA-2005:923",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
          },
          {
            "name": "11385",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11385"
          },
          {
            "name": "SCOSA-2005.16",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.16/SCOSA-2005.16.txt"
          },
          {
            "name": "RHSA-2004:591",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-591.html"
          },
          {
            "name": "20041011 Squid Web Proxy Cache Remote Denial of Service Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/application/poi/display?id=152\u0026type=vulnerabilities\u0026flashstatus=false"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Advisories/SQUID-2004_3.txt"
          },
          {
            "name": "oval:org.mitre.oval:def:10931",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10931"
          },
          {
            "name": "ADV-2008-1969",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1969/references"
          },
          {
            "name": "30967",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30967"
          },
          {
            "name": "FLSA-2006:152809",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA--.shtml"
          },
          {
            "name": "SUSE-SR:2008:014",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"
          },
          {
            "name": "FEDORA-2008-6045",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00122.html"
          },
          {
            "name": "OpenPKG-SA-2004.048",
            "tags": [
              "vendor-advisory",
              "x_refsource_OPENPKG",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=109913064629327\u0026w=2"
          },
          {
            "name": "squid-snmp-asnparseheader-dos(17688)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17688"
          },
          {
            "name": "30914",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30914"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.squid-cache.org/Advisories/SQUID-2008_1.txt"
          },
          {
            "name": "GLSA-200410-15",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-15.xml"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-10-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "CLA-2005:923",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
        },
        {
          "name": "11385",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11385"
        },
        {
          "name": "SCOSA-2005.16",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.16/SCOSA-2005.16.txt"
        },
        {
          "name": "RHSA-2004:591",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-591.html"
        },
        {
          "name": "20041011 Squid Web Proxy Cache Remote Denial of Service Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://www.idefense.com/application/poi/display?id=152\u0026type=vulnerabilities\u0026flashstatus=false"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Advisories/SQUID-2004_3.txt"
        },
        {
          "name": "oval:org.mitre.oval:def:10931",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10931"
        },
        {
          "name": "ADV-2008-1969",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1969/references"
        },
        {
          "name": "30967",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30967"
        },
        {
          "name": "FLSA-2006:152809",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA--.shtml"
        },
        {
          "name": "SUSE-SR:2008:014",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"
        },
        {
          "name": "FEDORA-2008-6045",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00122.html"
        },
        {
          "name": "OpenPKG-SA-2004.048",
          "tags": [
            "vendor-advisory",
            "x_refsource_OPENPKG"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=109913064629327\u0026w=2"
        },
        {
          "name": "squid-snmp-asnparseheader-dos(17688)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17688"
        },
        {
          "name": "30914",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30914"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.squid-cache.org/Advisories/SQUID-2008_1.txt"
        },
        {
          "name": "GLSA-200410-15",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-15.xml"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0918",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "CLA-2005:923",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000923"
            },
            {
              "name": "11385",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11385"
            },
            {
              "name": "SCOSA-2005.16",
              "refsource": "SCO",
              "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.16/SCOSA-2005.16.txt"
            },
            {
              "name": "RHSA-2004:591",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-591.html"
            },
            {
              "name": "20041011 Squid Web Proxy Cache Remote Denial of Service Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://www.idefense.com/application/poi/display?id=152\u0026type=vulnerabilities\u0026flashstatus=false"
            },
            {
              "name": "http://www.squid-cache.org/Advisories/SQUID-2004_3.txt",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Advisories/SQUID-2004_3.txt"
            },
            {
              "name": "oval:org.mitre.oval:def:10931",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10931"
            },
            {
              "name": "ADV-2008-1969",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1969/references"
            },
            {
              "name": "30967",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30967"
            },
            {
              "name": "FLSA-2006:152809",
              "refsource": "FEDORA",
              "url": "http://fedoranews.org/updates/FEDORA--.shtml"
            },
            {
              "name": "SUSE-SR:2008:014",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"
            },
            {
              "name": "FEDORA-2008-6045",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00122.html"
            },
            {
              "name": "OpenPKG-SA-2004.048",
              "refsource": "OPENPKG",
              "url": "http://marc.info/?l=bugtraq\u0026m=109913064629327\u0026w=2"
            },
            {
              "name": "squid-snmp-asnparseheader-dos(17688)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17688"
            },
            {
              "name": "30914",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30914"
            },
            {
              "name": "http://www.squid-cache.org/Advisories/SQUID-2008_1.txt",
              "refsource": "CONFIRM",
              "url": "http://www.squid-cache.org/Advisories/SQUID-2008_1.txt"
            },
            {
              "name": "GLSA-200410-15",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-15.xml"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0918",
    "datePublished": "2004-10-21T04:00:00.000Z",
    "dateReserved": "2004-09-27T00:00:00.000Z",
    "dateUpdated": "2024-08-08T00:31:48.079Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}