FKIE_CVE-2005-2794

Vulnerability from fkie_nvd - Published: 2005-09-07 18:03 - Updated: 2025-04-03 01:03
Severity ?
Summary
store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING.
References
secalert@redhat.comhttp://fedoranews.org/updates/FEDORA--.shtml
secalert@redhat.comhttp://secunia.com/advisories/16977
secalert@redhat.comhttp://secunia.com/advisories/17027
secalert@redhat.comhttp://www.debian.org/security/2005/dsa-809
secalert@redhat.comhttp://www.gentoo.org/security/en/glsa/glsa-200509-06.xml
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:162
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2005_21_sr.html
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2005_53_squid.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2005-766.html
secalert@redhat.comhttp://www.securityfocus.com/bid/14761
secalert@redhat.comhttp://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-STORE_PENDING
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10276
af854a3a-2127-422b-91ae-364da2661108http://fedoranews.org/updates/FEDORA--.shtml
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/16977
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/17027
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2005/dsa-809
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200509-06.xml
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2005:162
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2005_21_sr.html
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2005_53_squid.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2005-766.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/14761
af854a3a-2127-422b-91ae-364da2661108http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-STORE_PENDING
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10276
Impacted products
Vendor Product Version
squid squid 2.0.patch1
squid squid 2.0.patch2
squid squid 2.0.pre1
squid squid 2.0.release
squid squid 2.1.patch1
squid squid 2.1.patch2
squid squid 2.1.pre1
squid squid 2.1.pre3
squid squid 2.1.pre4
squid squid 2.1.release
squid squid 2.2.devel3
squid squid 2.2.devel4
squid squid 2.2.pre1
squid squid 2.2.pre2
squid squid 2.2.stable1
squid squid 2.2.stable2
squid squid 2.2.stable3
squid squid 2.2.stable4
squid squid 2.2.stable5
squid squid 2.3.devel2
squid squid 2.3.devel3
squid squid 2.3.stable1
squid squid 2.3.stable2
squid squid 2.3.stable3
squid squid 2.3.stable4
squid squid 2.3.stable5
squid squid 2.4.stable1
squid squid 2.4.stable2
squid squid 2.4.stable3
squid squid 2.4.stable4
squid squid 2.4.stable6
squid squid 2.4.stable7
squid squid 2.5.stable1
squid squid 2.5.stable2
squid squid 2.5.stable3
squid squid 2.5.stable4
squid squid 2.5.stable5
squid squid 2.5.stable6
squid squid 2.5.stable7
squid squid 2.5.stable8
squid squid 2.5.stable9
squid squid 2.5.stable10
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:squid:squid:2.0.patch1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0771FC-F8FB-4065-B6E1-EA21ECE77AC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.0.patch2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B81A56D-3F2E-455B-A960-69728437B31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.0.pre1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA7799D4-7B04-463B-BA19-AE36CD9DD694",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.0.release:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC8093EE-AA6A-4E2C-A891-163A42EA89EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.1.patch1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3655286B-D44A-4DCB-8DF4-D45A36398933",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.1.patch2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAFDCE5E-6D74-4E13-B830-E412C33EF337",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.1.pre1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E71F3AC2-E633-41D2-B49B-A92E5FB974F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.1.pre3:*:*:*:*:*:*:*",
              "matchCriteriaId": "87284115-14F4-4FB6-A8D9-7C7A3B5151E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.1.pre4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CB618BD-9C6D-458D-A521-FE436C428A90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.1.release:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8717751-A250-49F6-97E9-C14C8A44E550",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.2.devel3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D360F838-C65C-4E76-B460-ADE1AB7657C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.2.devel4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67618D3A-9C74-4701-B42F-385E0221D75D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.2.pre1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C501D54D-5294-4BFD-9858-BE70C411B928",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.2.pre2:*:*:*:*:*:*:*",
              "matchCriteriaId": "19CB5358-7833-4D1E-8F22-CB2714E36F3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.2.stable1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2265D309-4E50-45A3-A884-9F1FA361D453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.2.stable2:*:*:*:*:*:*:*",
              "matchCriteriaId": "45663027-1EFD-415A-8AB3-BCE544F4AD9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.2.stable3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A38EAAEE-BAB5-42EC-B171-93D9E32AC6AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.2.stable4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D9E1D6A-2C46-4062-87B2-726FCC5967B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.2.stable5:*:*:*:*:*:*:*",
              "matchCriteriaId": "38D24DCC-6C2A-466A-B59F-3D07F62175D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.3.devel2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FC7B751-34D9-4BBB-8608-97823E5F5F93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.3.devel3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DADF48B4-C9DA-41B7-9124-882ADF625F3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.3.stable1:*:*:*:*:*:*:*",
              "matchCriteriaId": "446879FE-02A7-4576-A726-6E7C918C4E43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.3.stable2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9F495D6-7734-411D-B527-14C74A345E1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.3.stable3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EFA76EB-C5A5-4652-8EF1-66E2B061BE3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.3.stable4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEB6D7E3-697C-4AA9-9925-371AB99CA395",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.3.stable5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B2DD635-BB74-4311-9E62-0DFAEB8DC121",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.4.stable1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E006EBC-5624-4AEE-85A8-10E33FCB20A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.4.stable2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D8DC1BE-EA6C-41B8-9D50-AACE2F2BA424",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.4.stable3:*:*:*:*:*:*:*",
              "matchCriteriaId": "155CB225-3F1B-4841-90F7-49C4CF90B1DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.4.stable4:*:*:*:*:*:*:*",
              "matchCriteriaId": "21905542-2429-4695-B253-AEC648B0BB9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.4.stable6:*:*:*:*:*:*:*",
              "matchCriteriaId": "317FED1B-9C39-40E5-980D-C5ED808D8FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.4.stable7:*:*:*:*:*:*:*",
              "matchCriteriaId": "48242DB9-5EB2-4C95-A944-C52B798A32A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.5.stable1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7183658C-0CDE-40B1-B203-8C365193724B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.5.stable2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9C73406-9582-40F7-AFD9-7E9D6D94DE39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.5.stable3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EDB690A-E0EF-4B11-83D7-B4A4C6B52DD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.5.stable4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D3F889C-2A50-4B91-B74D-1D32A2CAFFA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.5.stable5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCE944B8-B660-4FDB-A3F2-81F908329D88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.5.stable6:*:*:*:*:*:*:*",
              "matchCriteriaId": "75436484-5FCD-45D3-9262-63301A2024B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.5.stable7:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8D59FA7-FD38-406A-923F-68297CC4B767",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.5.stable8:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3969B3-02F1-480A-8E72-CC50CD14B573",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.5.stable9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FD64CE0-686A-44F2-B537-6D41E47A8BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.5.stable10:*:*:*:*:*:*:*",
              "matchCriteriaId": "4233D036-BBD8-48AA-AD1C-403AF262B192",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING."
    }
  ],
  "id": "CVE-2005-2794",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-09-07T18:03:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://fedoranews.org/updates/FEDORA--.shtml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/16977"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17027"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2005/dsa-809"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200509-06.xml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:162"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2005_21_sr.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2005_53_squid.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-766.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/14761"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-STORE_PENDING"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10276"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://fedoranews.org/updates/FEDORA--.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/16977"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17027"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2005/dsa-809"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200509-06.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:162"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2005_21_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2005_53_squid.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-766.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/14761"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-STORE_PENDING"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10276"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.