CVE-2005-0446
published 2005-05-02CVE-2005-0446: Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names…
PriorityP428medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
41.11%
98.5th percentile
Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure.
Affected
64 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | squid | < squid 2.5.8-3 (bookworm) | squid 2.5.8-3 (bookworm) |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
| squid | squid | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Malicious or faulty DNS server sending malformed IP address responses can crash Squid via assertion failure in ipcache.c or fqdncache.c ↗
- →Trigger is in DNS response parsing code — monitor Squid process for unexpected assertion failures/crashes originating from fqdncache.c or ipcache.c ↗
- ·Affected versions are Squid 2.5.STABLE8 and earlier; fixed in Debian package version 2.5.8-3 ↗
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0MEDIUM
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Squid vulnerabilities
vendor_ubuntu·2005-02-21
CVE-2005-0194 Squid vulnerabilities
Title: Squid vulnerabilities
Summary: Squid vulnerabilities
When parsing the configuration file, squid interpreted empty Access
Control Lists (ACLs) without defined authentication schemes in a
non-obvious way. This could allow remote attackers to bypass intended
ACLs. (CAN-2005-0194)
A remote Denial of Service vulnerability was discovered in the domain
name resolution code. A faulty or malicious DNS server could stop the
Squid server immediately by sending a malformed IP address.
(CAN-2005-0446)
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
security flaw
vendor_redhat·2005-02-13·CVSS 5.0
CVE-2005-0446 [MEDIUM] security flaw
security flaw
Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure.
Debian
CVE-2005-0446: squid - Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of servi...
vendor_debian·2005·CVSS 5.0
CVE-2005-0446 [MEDIUM] CVE-2005-0446: squid - Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of servi...
Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure.
Scope: local
bookworm: resolved (fixed in 2.5.8-3)
bullseye: resolved (fixed in 2.5.8-3)
forky: resolved (fixed in 2.5.8-3)
sid: resolved (fixed in 2.5.8-3)
trixie: resolved (fixed in 2.5.8-3)
GHSA
GHSA-2f87-jcwj-5f4g: Squid 2
ghsa_unreviewed·2022-05-01
CVE-2005-0446 [MEDIUM] GHSA-2f87-jcwj-5f4g: Squid 2
Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure.
OSV
CVE-2005-0446: Squid 2
osv·2005-05-02·CVSS 5.0
CVE-2005-0446 [MEDIUM] CVE-2005-0446: Squid 2
Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2005-0446 security flaw
bugzilla·2018-08-16·CVSS 5.0
CVE-2005-0446 [MEDIUM] CVE-2005-0446 security flaw
CVE-2005-0446 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure.
Bugzilla
Squid Multiple Vulnerabilities (CVE-2004-0541 CVE-2004-0832 CVE-2004-0918 CVE-2005-0094 CVE-2005-0095 CVE-2005-0096 CVE-2005-0097 CVE-2005-0446 CVE-2005-0626 CVE-2005-0718 CVE-1999-0710 CVE-2005-1345
bugzilla·2004-10-11·CVSS 7.5
CVE-2004-0541 [HIGH] Squid Multiple Vulnerabilities (CVE-2004-0541 CVE-2004-0832 CVE-2004-0918 CVE-2005-0094 CVE-2005-0095 CVE-2005-0096 CVE-2005-0097 CVE-2005-0446 CVE-2005-0626 CVE-2005-0718 CVE-1999-0710 CVE-2005-1345
Squid Multiple Vulnerabilities (CVE-2004-0541 CVE-2004-0832 CVE-2004-0918 CVE-2005-0094 CVE-2005-0095 CVE-2005-0096 CVE-2005-0097 CVE-2005-0446 CVE-2005-0626 CVE-2005-0718 CVE-1999-0710 CVE-2005-1345 CVE-2005-1519 CVE-2004-2479 CVE-2005-2794 CVE-2005-...
iDEFENSE reported on 2004-10-11 a vulnerability in the squid SNMP
module. This issue could lead to a potential DOS (it will restart
the server, dropping all open connections).
http://www.idefense.com/application/poi/display?id=152&type=vulnerabilities
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=135320
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=135319
------- Additional Comments From [email protected] 2004-10-11 19:30:05 ----
Patch available here:
http://www1.uk.squid-cache.org/squid/Versions/v2/2
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000931http://fedoranews.org/updates/FEDORA--.shtmlhttp://marc.info/?l=bugtraq&m=110901183320453&w=2http://secunia.com/advisories/14271http://www.debian.org/security/2005/dsa-688http://www.gentoo.org/security/en/glsa/glsa-200502-25.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:047http://www.redhat.com/support/errata/RHSA-2005-173.htmlhttp://www.redhat.com/support/errata/RHSA-2005-201.htmlhttp://www.securityfocus.com/bid/12551http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE8-dns_asserthttp://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE8-dns_assert.patchhttps://exchange.xforce.ibmcloud.com/vulnerabilities/19332https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11264http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000931http://fedoranews.org/updates/FEDORA--.shtmlhttp://marc.info/?l=bugtraq&m=110901183320453&w=2http://secunia.com/advisories/14271http://www.debian.org/security/2005/dsa-688http://www.gentoo.org/security/en/glsa/glsa-200502-25.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:047http://www.redhat.com/support/errata/RHSA-2005-173.htmlhttp://www.redhat.com/support/errata/RHSA-2005-201.htmlhttp://www.securityfocus.com/bid/12551http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE8-dns_asserthttp://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE8-dns_assert.patchhttps://exchange.xforce.ibmcloud.com/vulnerabilities/19332https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11264
2005-05-02
Published