Vulnerability in N/a

CVE-2005-0446

Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assert…

EPSS: 0.659 (98.5th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

References

20050221 [USN-84-1] Squid vulnerabilities (mailing-list, x_refsource_BUGTRAQ)
GLSA-200502-25 (vendor-advisory, x_refsource_GENTOO)
14271 (x_refsource_SECUNIA, third-party-advisory)
squid-xstrndup-dos(19332) (vdb-entry, x_refsource_XF)
www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE8-dns_assert.patch (x_refsource_CONFIRM)
RHSA-2005:201 (x_refsource_REDHAT, vendor-advisory)
12551 (vdb-entry, x_refsource_BID)
www.squid-cache.org/Versions/v2/2.5/bugs/ (x_refsource_CONFIRM)
FLSA-2006:152809 (vendor-advisory, x_refsource_FEDORA)
DSA-688 (vendor-advisory, x_refsource_DEBIAN)