CVE-2005-0241
Published 2005-05-02
CVE-2005-0241: The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling "oversized" HTTP…
Priority: P3 · 44 · CVSS 2.0: 5.0 (medium)
CVSS 2.0 vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS: 69.66% (99.3rd percentile)
The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling "oversized" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size.
Affected (12 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | squid | < squid 2.5.7-7 (bookworm) | squid 2.5.7-7 (bookworm) |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | >= 0 < 2.5.7-7 | 2.5.7-7 |
| squid | squid | >= 0 < 2.5.7-7 | 2.5.7-7 |
| squid | squid | >= 0 < 2.5.7-7 | 2.5.7-7 |
| squid | squid | >= 0 < 2.5.7-7 | 2.5.7-7 |
Detection & IOCs (extracted from sources)
- Vulnerable function is `httpProcessReplyHeader` in `http.c`; monitor Squid versions 2.5-STABLE7 and earlier for oversized HTTP reply headers, which may indicate cache poisoning or access control bypass attempts.
- Squid 2.5-STABLE7 and earlier are affected; the Debian fix was applied in package version 2.5.7-7. Upgrade Squid to a patched version to remediate.
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
| osv | — | 5.0 | MEDIUM | — |
| vendor_debian | — | 5.0 | MEDIUM | — |
| vendor_redhat | — | 5.0 | MEDIUM | — |
Red Hat
vendor_redhat · 2005-01-31 · CVSS 5.0
CVE-2005-0241 [MEDIUM]: security flaw
Debian
vendor_debian · 2005 · CVSS 5.0
CVE-2005-0241 [MEDIUM]: squid - The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier ...
Scope: local
bookworm: resolved (fixed in 2.5.7-7)
bullseye: resolved (fixed in 2.5.7-7)
forky: resolved (fixed in 2.5.7-7)
sid: resolved (fixed in 2.5.7-7)
trixie: resolved (fixed in 2.5.7-7)
GHSA
ghsa_unreviewed · 2022-05-01
CVE-2005-0241 [MEDIUM]: GHSA-7q73-vrf9-vhjw: The httpProcessReplyHeader function in http
OSV
osv · 2005-05-02 · CVSS 5.0
CVE-2005-0241 [MEDIUM]: CVE-2005-0241: The httpProcessReplyHeader function in http
No detection rules found.
No public exploits indexed.
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000931
- http://fedoranews.org/updates/FEDORA--.shtml
- http://secunia.com/advisories/14091
- http://www.kb.cert.org/vuls/id/823350
- http://www.novell.com/linux/security/advisories/2005_06_squid.html
- http://www.redhat.com/support/errata/RHSA-2005-060.html
- http://www.redhat.com/support/errata/RHSA-2005-061.html
- http://www.securityfocus.com/bid/12412
- http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-oversize_reply_headers
- http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers.patch
- http://www.squid-cache.org/bugs/show_bug.cgi?id=1216
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19060
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10998
Published: 2005-05-02