Vulnerability in N/a
CVE-2005-0095
The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCC…
EPSS: 0.758 (98.9th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- CLA-2005:923 (vendor-advisory, x_refsource_CONECTIVA)
- 2005-0003 (vendor-advisory, x_refsource_TRUSTIX)
- 12275 (vdb-entry, x_refsource_BID)
- 12886 (x_refsource_OSVDB, vdb-entry)
- FLSA-2006:152809 (vendor-advisory, x_refsource_FEDORA)
- GLSA-200501-25 (vendor-advisory, x_refsource_GENTOO)
- DSA-651 (vendor-advisory, x_refsource_DEBIAN)
- www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_denial_of_servi… (x_refsource_CONFIRM)
- oval:org.mitre.oval:def:10269 (signature, x_refsource_OVAL, vdb-entry)
- www.squid-cache.org/Advisories/SQUID-2005_2.txt (x_refsource_CONFIRM)