CVE-2005-0446
published 2005-05-02

Priority: P4 · 28 · medium · 5 · CVSS 2.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS: 41.11% (98.5th percentile)

Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure.

Affected

64 ranges · showing 25

Vendor | Product | Version range | Fixed in
debian | squid | < squid 2.5.8-3 (bookworm) | squid 2.5.8-3 (bookworm)
squid | squid | |

Detection & IOCs (extracted from sources)

  • A malicious or faulty DNS server sending malformed IP address responses can crash Squid via an assertion failure in ipcache.c or fqdncache.c
  • Trigger is in DNS response parsing code — monitor Squid process for unexpected assertion failures/crashes originating from fqdncache.c or ipcache.c
  • Affected versions are Squid 2.5.STABLE8 and earlier; fixed in Debian package version 2.5.8-3

CVSS provenance

nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P
osv | 5.0 | MEDIUM
vendor_debian | 5.0 | MEDIUM
vendor_redhat | 5.0 | MEDIUM