CVE-2005-0097
published 2005-01-11CVE-2005-0097: The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that…
PriorityP420medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
10.64%
95.2th percentile
The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference.
Affected
32 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | squid | < squid 2.5.7-4 (bookworm) | squid 2.5.7-4 (bookworm) |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0MEDIUM
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-gfx6-98p8-rj23: The NTLM component in Squid 2
ghsa_unreviewed·2022-05-01
CVE-2005-0097 [MEDIUM] GHSA-gfx6-98p8-rj23: The NTLM component in Squid 2
The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference.
OSV
CVE-2005-0097: The NTLM component in Squid 2
osv·2005-01-11·CVSS 5.0
CVE-2005-0097 [MEDIUM] CVE-2005-0097: The NTLM component in Squid 2
The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference.
Ubuntu
Squid vulnerabilities
vendor_ubuntu·2005-01-21
CVE-2005-0094 Squid vulnerabilities
Title: Squid vulnerabilities
Summary: Squid vulnerabilities
infamous41md discovered several Denial of Service vulnerabilities in
squid.
A malicious Gopher server could crash squid by sending a line bigger
than 4096 bytes. (CAN-2005-0094)
If squid is configured to send WCPP (Web Cache Communication Protocol)
messages to a "home router", an attacker who was able to send UDP
packets with a forged source address of this router could crash the
erver with a specially crafted WCPP message. (CAN-2005-0095)
Previous versions of squid have a memory leak which gradually cause
memory exhaustion and eventual termination. (CAN-2005-0096)
A remote attacker could crash the server by sending a specially
crafted NTLM type 3 packet. (CAN-2005-0097)
Instructions: In general, a standard system update w
Red Hat
security flaw
vendor_redhat·2005-01-08·CVSS 5.0
CVE-2005-0097 [MEDIUM] security flaw
security flaw
The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference.
Debian
CVE-2005-0097: squid - The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to c...
vendor_debian·2005·CVSS 5.0
CVE-2005-0097 [MEDIUM] CVE-2005-0097: squid - The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to c...
The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference.
Scope: local
bookworm: resolved (fixed in 2.5.7-4)
bullseye: resolved (fixed in 2.5.7-4)
forky: resolved (fixed in 2.5.7-4)
sid: resolved (fixed in 2.5.7-4)
trixie: resolved (fixed in 2.5.7-4)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2005-0097 security flaw
bugzilla·2018-08-16·CVSS 5.0
CVE-2005-0097 [MEDIUM] CVE-2005-0097 security flaw
CVE-2005-0097 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference.
Bugzilla
Squid Multiple Vulnerabilities (CVE-2004-0541 CVE-2004-0832 CVE-2004-0918 CVE-2005-0094 CVE-2005-0095 CVE-2005-0096 CVE-2005-0097 CVE-2005-0446 CVE-2005-0626 CVE-2005-0718 CVE-1999-0710 CVE-2005-1345
bugzilla·2004-10-11·CVSS 7.5
CVE-2004-0541 [HIGH] Squid Multiple Vulnerabilities (CVE-2004-0541 CVE-2004-0832 CVE-2004-0918 CVE-2005-0094 CVE-2005-0095 CVE-2005-0096 CVE-2005-0097 CVE-2005-0446 CVE-2005-0626 CVE-2005-0718 CVE-1999-0710 CVE-2005-1345
Squid Multiple Vulnerabilities (CVE-2004-0541 CVE-2004-0832 CVE-2004-0918 CVE-2005-0094 CVE-2005-0095 CVE-2005-0096 CVE-2005-0097 CVE-2005-0446 CVE-2005-0626 CVE-2005-0718 CVE-1999-0710 CVE-2005-1345 CVE-2005-1519 CVE-2004-2479 CVE-2005-2794 CVE-2005-...
iDEFENSE reported on 2004-10-11 a vulnerability in the squid SNMP
module. This issue could lead to a potential DOS (it will restart
the server, dropping all open connections).
http://www.idefense.com/application/poi/display?id=152&type=vulnerabilities
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=135320
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=135319
------- Additional Comments From [email protected] 2004-10-11 19:30:05 ----
Patch available here:
http://www1.uk.squid-cache.org/squid/Versions/v2/2
http://fedoranews.org/updates/FEDORA--.shtmlhttp://secunia.com/advisories/13789http://security.gentoo.org/glsa/glsa-200501-25.xmlhttp://securitytracker.com/id?1012818http://www.novell.com/linux/security/advisories/2005_06_squid.htmlhttp://www.redhat.com/support/errata/RHSA-2005-060.htmlhttp://www.redhat.com/support/errata/RHSA-2005-061.htmlhttp://www.securityfocus.com/bid/12220http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_authhttp://www.trustix.org/errata/2005/0003/https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11646http://fedoranews.org/updates/FEDORA--.shtmlhttp://secunia.com/advisories/13789http://security.gentoo.org/glsa/glsa-200501-25.xmlhttp://securitytracker.com/id?1012818http://www.novell.com/linux/security/advisories/2005_06_squid.htmlhttp://www.redhat.com/support/errata/RHSA-2005-060.htmlhttp://www.redhat.com/support/errata/RHSA-2005-061.htmlhttp://www.securityfocus.com/bid/12220http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_authhttp://www.trustix.org/errata/2005/0003/https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11646
2005-01-11
Published