5
CVSSv2

CVE-2005-0446

Published: 02/05/2005 Updated: 11/10/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Squid 2.5.STABLE8 and previous versions allows remote malicious users to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

squid squid 2.1.patch1

squid squid 2.1.patch2

squid squid 2.2.devel4

squid squid 2.2.pre1

squid squid 2.3.devel3

squid squid 2.3.stable1

squid squid 2.3_stable5

squid squid 2.4

squid squid 2.4_.stable2

squid squid 2.4_.stable6

squid squid 2.4_.stable7

squid squid 2.5.stable5

squid squid 2.5.stable6

squid squid 2.5_.stable6

squid squid 2.5_stable3

squid squid 2.0.patch1

squid squid 2.1.pre1

squid squid 2.1.pre3

squid squid 2.2.pre2

squid squid 2.2.stable1

squid squid 2.2.stable2

squid squid 2.3.stable2

squid squid 2.3.stable3

squid squid 2.4.stable1

squid squid 2.4.stable2

squid squid 2.4_stable7

squid squid 2.5.6

squid squid 2.5.stable7

squid squid 2.5.stable8

squid squid 2.5_stable4

squid squid 2.5_stable9

squid squid 2.0.release

squid squid 2.0_patch2

squid squid 2.1_patch2

squid squid 2.2.devel3

squid squid 2.2.stable5

squid squid 2.3.devel2

squid squid 2.3_.stable4

squid squid 2.3_.stable5

squid squid 2.4.stable6

squid squid 2.4.stable7

squid squid 2.5.stable3

squid squid 2.5.stable4

squid squid 2.5_.stable4

squid squid 2.5_.stable5

squid squid 2.0.patch2

squid squid 2.0.pre1

squid squid 2.1.pre4

squid squid 2.1.release

squid squid 2.2.stable3

squid squid 2.2.stable4

squid squid 2.3.stable4

squid squid 2.3.stable5

squid squid 2.4.stable3

squid squid 2.4.stable4

squid squid 2.5.stable1

squid squid 2.5.stable2

squid squid 2.5_.stable1

squid squid 2.5_.stable3

Vendor Advisories

When parsing the configuration file, squid interpreted empty Access Control Lists (ACLs) without defined authentication schemes in a non-obvious way This could allow remote attackers to bypass intended ACLs (CAN-2005-0194) ...
Synopsis squid security update Type/Severity Security Advisory: Moderate Topic An updated squid package that fixes a denial of service issue is nowavailable for Red Hat Enterprise Linux 4This update has been rated as having moderate security impact by the RedHat Security Response Team Description ...
Synopsis squid security update Type/Severity Security Advisory: Moderate Topic Updated squid packages that fix a denial of service issue are now availableThis update has been rated as having important security impact by the RedHat Security Response Team Description Squid is a full-featured ...