Vulnerability in N/a
CVE-2005-0174
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters th…
EPSS: 0.833 (99.3th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- FEDORA-2005-373 (vendor-advisory, x_refsource_FEDORA)
- www.squid-cache.org/Versions/v2/2.5/bugs/ (x_refsource_CONFIRM)
- 12412 (vdb-entry, x_refsource_BID)
- FLSA-2006:152809 (vendor-advisory, x_refsource_FEDORA)
- VU#768702 (x_refsource_CERT-VN, third-party-advisory)
- www3.br.squid-cache.org/Advisories/SQUID-2005_4.txt (x_refsource_CONFIRM)
- RHSA-2005:061 (x_refsource_REDHAT, vendor-advisory)
- CLA-2005:931 (vendor-advisory, x_refsource_CONECTIVA)
- oval:org.mitre.oval:def:10656 (signature, x_refsource_OVAL, vdb-entry)
- MDKSA-2005:034 (vendor-advisory, x_refsource_MANDRAKE)