CVE-2005-0241
published 2005-05-02


Priority: P3 · 44 · medium
CVSS 2.0: 5 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
EPSS: 69.66% (99.3th percentile)

The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling "oversized" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size.

Affected

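12 ranges

| Vendor | Product | Version range | Fixed in |
|--------|---------|---------------|----------|
| debian | squid | < squid 2.5.7-7 (bookworm) | squid 2.5.7-7 (bookworm) |
| squid | squid | | |
| squid | squid | | |
| squid | squid | | |
| squid | squid | | |
| squid | squid | | |
| squid | squid | | |
| squid | squid | | |
| squid | squid | >= 0 < 2.5.7-7 | 2.5.7-7 |
| squid | squid | >= 0 < 2.5.7-7 | 2.5.7-7 |
| squid | squid | >= 0 < 2.5.7-7 | 2.5.7-7 |
| squid | squid | >= 0 < 2.5.7-7 | 2.5.7-7 |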

Detection & IOCs (extracted from sources)

  • Vulnerable function is `httpProcessReplyHeader` in `http.c`; monitor Squid versions 2.5-STABLE7 and earlier for oversized HTTP reply headers that may indicate cache poisoning or access control bypass attempts.
  • Squid 2.5-STABLE7 and earlier are affected; the Debian fix was applied in package version 2.5.7-7. Ensure Squid is upgraded to a patched version to remediate.

CVSS provenance

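| Source | Version | Score | Severity | Vector |
|--------|---------|-------|----------|--------|
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
| osv | | 5.0 | MEDIUM | |
| vendor_debian | | 5.0 | MEDIUM | |
| vendor_redhat | | 5.0 | MEDIUM | |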