CVE-2005-0175
published 2005-02-07

CVE-2005-0175: Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.

Priority: P334 · medium · 5 · CVSS 2.0
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS: 40.98% (98.5th percentile)

Affected

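21 ranges

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | squid | < squid 2.5.7-6 (bookworm) | squid 2.5.7-6 (bookworm) |
| squid | squid | | |
| squid | squid | | |
| squid | squid | | |
| squid | squid | | |
| squid | squid | | |
| squid | squid | | |
| squid | squid | | |
| squid | squid | | |
| squid | squid | | |
| squid | squid | | |
| squid | squid | | |
| squid | squid | | |
| squid | squid | | |
| squid | squid | | |
| squid | squid | | |
| squid | squid | | |
| squid | squid | >= 0 < 2.5.7-6 | 2.5.7-6 |
| squid | squid | >= 0 < 2.5.7-6 | 2.5.7-6 |
| squid | squid | >= 0 < 2.5.7-6 | 2.5.7-6 |
| squid | squid | >= 0 < 2.5.7-6 | 2.5.7-6 |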

Detection & IOCs

  • Detect HTTP response splitting attempts targeting Squid cache: look for injected false replies in the HTTP stream from malicious web servers designed to forge cache content for arbitrary web sites
  • Inspect HTTP responses proxied through Squid 2.5 up to 2.5.STABLE7 for cache poisoning indicators such as multiple Content-Length header lines, invalid Carriage Return characters, and HTTP header names containing whitespace
  • Vulnerability affects Squid versions 2.5 through 2.5.STABLE7 only; upgrading to the fixed package resolves the issue (Debian fix: 2.5.7-6)
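
The three header indicators listed above, checked over the header block of one raw HTTP response as it arrives from the origin server. This is an added example, not code from this record or from Squid; the function name, finding labels and sample bytes are constructed for illustration.

```python
import re


def poisoning_indicators(raw: bytes) -> list[str]:
    """Return the header anomalies found in one raw HTTP response."""
    # Only the header block matters here: everything before the first blank line.
    head = raw.split(b"\r\n\r\n", 1)[0]
    findings = set()

    # A CR that is not immediately followed by LF is not a valid line ending.
    if re.search(rb"\r(?!\n)", head):
        findings.add("bare-cr")

    content_length_lines = 0
    for line in re.split(rb"\r?\n", head)[1:]:   # element 0 is the status line
        if not line or line[:1] in b" \t":       # folded continuation line
            continue
        name, sep, _value = line.partition(b":")
        if not sep:                              # no colon, so no header name
            continue
        # Whitespace anywhere in the field name, including before the colon.
        if re.search(rb"\s", name):
            findings.add("header-name-whitespace")
        if name.strip().lower() == b"content-length":
            content_length_lines += 1

    if content_length_lines > 1:
        findings.add("multiple-content-length")
    return sorted(findings)


# Constructed samples, not captured traffic.
CLEAN = (b"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n"
         b"Content-Length: 5\r\n\r\nhello")
SUSPECT = (b"HTTP/1.0 200 OK\r\nContent-Length: 0\r\nContent-Length: 38\r\n"
           b"X-Note: a\rb\r\nSet Cookie: x=1\r\n\r\n")

if __name__ == "__main__":
    for label, sample in (("clean", CLEAN), ("suspect", SUSPECT)):
        print(label, poisoning_indicators(sample))
```

Run it on the origin-facing side of the proxy, before the response is normalised or cached, since a later hop may have already rewritten the header block.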

CVSS provenance

nvd · v2.0 · 5.0 · MEDIUM · AV:N/AC:L/Au:N/C:N/I:P/A:N
osv · 5.0 · MEDIUM
vendor_debian · 5.0 · MEDIUM
vendor_redhat · 5.0 · MEDIUM