CVE-2005-0446

9 documents8 sources

Severity

5.0MEDIUM

EPSS

65.9%

top 1.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Squid Squid

Timeline

PublishedMay 2

Latest updateMay 1

Description

Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶Debiansquid< 2.5.8-3+3

▶NVDsquid/squid59 versions+58

Patches

Patch: distro.conectiva.com.br ↗Patch: secunia.com ↗Patch: www.debian.org ↗

🔴Vulnerability Details

GHSA

GHSA-2f87-jcwj-5f4g: Squid 2↗2022-05-01

▶

OSV

CVE-2005-0446: Squid 2↗2005-05-02

▶

CVEList

CVE-2005-0446: Squid 2↗2005-02-15

▶

📋Vendor Advisories

Ubuntu

Squid vulnerabilities↗2005-02-21

▶

Red Hat

security flaw↗2005-02-13

▶

Debian

CVE-2005-0446: squid - Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of servi...↗2005

▶

💬Community

Bugzilla

CVE-2005-0446 security flaw↗2018-08-16

▶

Bugzilla

Squid Multiple Vulnerabilities (CVE-2004-0541 CVE-2004-0832 CVE-2004-0918 CVE-2005-0094 CVE-2005-0095 CVE-2005-0096 CVE-2005-0097 CVE-2005-0446 CVE-2005-0626 CVE-2005-0718 CVE-1999-0710 CVE-2005-1345↗2004-10-11

▶