CVE-2005-0175Squid vulnerability

7 documents7 sources
Severity
5.0MEDIUMNVD
EPSS
77.8%
top 1.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SquidDebian Squid
Timeline
PublishedFeb 7
Latest updateMay 1

Description

Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

debiandebian/squid< squid 2.5.7-6 (bookworm)
Debiansquid/squid< 2.5.7-6+3
NVDsquid/squid16 versions+15

Patches

Patch: distro.conectiva.com.brPatch: www.debian.orgPatch: www.kb.cert.org

🔴Vulnerability Details

2
GHSA
GHSA-2rv8-xmpq-rpfx: Squid 22022-05-01
OSV
CVE-2005-0175: Squid 22005-02-07

📋Vendor Advisories

3
Ubuntu
Squid vulnerabilities2005-02-08
Red Hat
security flaw2005-01-31
Debian
CVE-2005-0175: squid - Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an H...2005

💬Community

1
Bugzilla
CVE-2005-0175 security flaw2018-08-16