[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248364

 
 

909

 
 

195388

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-0211Date: (C)2005-05-02   (M)2023-12-22


Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1013045
BID-12432
OSVDB-13319
SECUNIA-14076
http://marc.info/?l=bugtraq&m=110780531820947&w=2
DSA-667
FLSA-2006:152809
MDKSA-2005:034
RHSA-2005:060
RHSA-2005:061
SUSE-SA:2005:006
VU#886006
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-wccp_buffer_overflow
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_buffer_overflow.patch
oval:org.mitre.oval:def:9573

CPE    1
cpe:/o:debian:debian_linux:3.0
CWE    1
CWE-119

© SecPod Technologies