Vulnerability Name:

CVE-2004-0918 (CCN-17688)

Assigned: 2004-10-11
Published: 2004-10-11
Updated: 2017-10-11
Summary: The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error.
CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:
  Attack Vector (AV): Network
  Attack Complexity (AC): Low
  Privileges Required (PR): None
  User Interaction (UI): None
Scope:
  Scope (S): Unchanged
Impact Metrics:
  Confidentiality (C): None
  Integrity (I): None
  Availability (A): Low
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:
  Access Vector (AV): Network
  Access Complexity (AC): Low
  Authentication (Au): None
Impact Metrics:
  Confidentiality (C): None
  Integrity (I): None
  Availability (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:
  Access Vector (AV): Network
  Access Complexity (AC): Low
  Authentication (Au): None
Impact Metrics:
  Confidentiality (C): None
  Integrity (I): None
  Availability (A): Partial
Vulnerability Type: CWE-399
Vulnerability Consequences: Denial of Service
References:

Source: SCO
Type: UNKNOWN
SCOSA-2005.16

Source: MITRE
Type: CNA
CVE-2004-0918

Source: CONECTIVA
Type: UNKNOWN
CLA-2005:923

Source: CCN
Type: Conectiva Linux Security Announcement CLSA-2004:882
Fixes for squid vulnerabilities

Source: FEDORA
Type: UNKNOWN
FLSA-2006:152809

Source: SUSE
Type: UNKNOWN
SUSE-SR:2008:014

Source: OPENPKG
Type: UNKNOWN
OpenPKG-SA-2004.048

Source: CCN
Type: RHSA-2004-591
squid security update

Source: SECUNIA
Type: Vendor Advisory
30914

Source: SECUNIA
Type: Vendor Advisory
30967

Source: DEBIAN
Type: DSA-576
squid -- several vulnerabilities

Source: CCN
Type: GLSA-200410-15
Squid: Remote DoS vulnerability

Source: GENTOO
Type: UNKNOWN
GLSA-200410-15

Source: CCN
Type: iDEFENSE Security Advisory 10.11.04
Squid Web Proxy Cache Remote Denial of Service Vulnerability

Source: IDEFENSE
Type: UNKNOWN
20041011 Squid Web Proxy Cache Remote Denial of Service Vulnerability

Source: CCN
Type: OpenPKG-SA-2004.048
Squid

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2004:591

Source: BID
Type: Patch, Vendor Advisory
11385

Source: CCN
Type: BID-11385
Squid Proxy SNMP ASN.1 Parser Denial Of Service Vulnerability

Source: CCN
Type: Squid Web Proxy Cache Web site
Squid Web Proxy Cache

Source: CONFIRM
Type: UNKNOWN
http://www.squid-cache.org/Advisories/SQUID-2004_3.txt

Source: CONFIRM
Type: UNKNOWN
http://www.squid-cache.org/Advisories/SQUID-2008_1.txt

Source: CCN
Type: Trustix Secure Linux Security Advisory #2004-0054
Multiple security vulnerabilities

Source: CCN
Type: USN-19-1
squid vulnerabilities

Source: VUPEN
Type: Vendor Advisory
ADV-2008-1969

Source: XF
Type: UNKNOWN
squid-snmp-asnparseheader-dos(17688)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10931

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-6045

Source: SUSE
Type: SUSE-SA:2004:039
xpdf gpdf kdegraphics3-pdf pdftohtml cups: remote system compromise

Source: SUSE
Type: SUSE-SR:2008:014
[security-announce] SUSE Security Summary Report SUSE-SR:2008:014

Vulnerable Configuration:

Configuration 1:
  • cpe:/a:openpkg:openpkg:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:2.2:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.0_patch2:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.1_patch2:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.3_.stable4:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.3_.stable5:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.4:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.4_.stable2:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.4_.stable6:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.4_.stable7:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5_.stable1:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5_.stable3:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5_.stable4:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5_.stable5:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5_.stable6:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:3.0_pre1:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:3.0_pre2:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:3.0_pre3:*:*:*:*:*:*:*

Configuration 2:
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:1.5:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*
  • OR cpe:/o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*

Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:squid-cache:squid:2.4:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable5:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.4.stable2:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.4.stable6:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable4:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable3:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable1:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.4.stable7:*:*:*:*:*:*:*
  • AND
  • cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.1:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:aw:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:10:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:openpkg:openpkg:2.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.2::amd64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0::amd64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions

| Definition ID | Class | Title | Last Modified |
|---|---|---|---|
| oval:org.opensuse.security:def:20040918 | V | CVE-2004-0918 | 2015-11-16 |
| oval:org.mitre.oval:def:10931 | V | The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error. | 2013-04-29 |
| oval:org.debian:def:576 | V | several vulnerabilities | 2004-10-29 |
| oval:com.redhat.rhsa:def:20040591 | P | RHSA-2004:591: squid security update (Important) | 2004-10-20 |
    openpkg openpkg 2.1
    openpkg openpkg 2.2
    openpkg openpkg current
    squid squid 2.0_patch2
    squid squid 2.1_patch2
    squid squid 2.3_.stable4
    squid squid 2.3_.stable5
    squid squid 2.4
    squid squid 2.4_.stable2
    squid squid 2.4_.stable6
    squid squid 2.4_.stable7
    squid squid 2.5_.stable1
    squid squid 2.5_.stable3
    squid squid 2.5_.stable4
    squid squid 2.5_.stable5
    squid squid 2.5_.stable6
    squid squid 3.0_pre1
    squid squid 3.0_pre2
    squid squid 3.0_pre3
    gentoo linux *
    redhat fedora core core_2.0
    trustix secure linux 1.5
    trustix secure linux 2.0
    trustix secure linux 2.1
    ubuntu ubuntu linux 4.1
    ubuntu ubuntu linux 4.1
    squid-cache squid 2.4
    squid-cache squid 2.5.stable5
    squid-cache squid 2.4.stable2
    squid-cache squid 2.4.stable6
    squid-cache squid 2.5.stable4
    squid-cache squid 2.5.stable3
    squid-cache squid 2.5.stable1
    squid-cache squid 2.4.stable7
    debian debian linux 3.0
    openpkg openpkg current
    gentoo linux *
    suse suse linux 8.1
    suse linux enterprise server 8
    mandrakesoft mandrake multi network firewall 8.2
    mandrakesoft mandrake linux corporate server 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    suse suse linux 8.2
    redhat enterprise linux 2.1
    conectiva linux 9.0
    trustix secure linux 2.0
    suse suse linux 9.0
    mandrakesoft mandrake linux 9.2
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    trustix secure linux 2.1
    mandrakesoft mandrake linux 10.0
    suse suse linux 9.1
    redhat enterprise linux 3
    conectiva linux 10
    openpkg openpkg 2.1
    openpkg openpkg 2.2
    mandrakesoft mandrake linux 10.1
    redhat linux advanced workstation 2.1
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux 9.2
    mandrakesoft mandrake linux 10.0
    mandrakesoft mandrake linux corporate server 2.1