Vulnerability Name:

CVE-2004-2479 (CCN-18406)

Assigned: 2004-11-23
Published: 2004-11-23
Updated: 2017-10-11
Summary: Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages.
CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): Low
Integrity (I): None
Availability (A): None
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
Vulnerability Type: CWE-Other
Vulnerability Consequences: Obtain Information
References:
Source: MITRE
Type: CNA
CVE-2004-2479

Source: FEDORA
Type: UNKNOWN
FLSA-2006:152809

Source: CCN
Type: RHSA-2005-766
squid security update

Source: CCN
Type: SA13408
Squid Malformed Host Name Error Message Information Leakage

Source: SECUNIA
Type: Patch, Vendor Advisory
13408

Source: SECUNIA
Type: UNKNOWN
16977

Source: CCN
Type: SECTRACK ID: 1012466
Squid May Disclose Random Internal Information to Remote Users

Source: SECTRACK
Type: Patch
1012466

Source: OSVDB
Type: UNKNOWN
12282

Source: CCN
Type: OSVDB ID: 12282
Squid Malformed Host Name Error Message Information Disclosure

Source: REDHAT
Type: UNKNOWN
RHSA-2005:766

Source: BID
Type: Patch
11865

Source: CCN
Type: BID-11865
Squid Proxy Failed DNS Lookup Random Error Messages Information Disclosure Vulnerability

Source: CCN
Type: Squid Web Proxy Cache Web site
Squid Web Proxy Cache

Source: CCN
Type: Squid Bugzilla Bug 1143
Squid returns random error messages.

Source: CONFIRM
Type: Patch
http://www.squid-cache.org/bugs/show_bug.cgi?id=1143

Source: XF
Type: UNKNOWN
squid-hostname-information-disclosure(18406)

Source: XF
Type: UNKNOWN
squid-hostname-obtain-info(18406)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9711

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:national_science_foundation:squid_web_proxy_cache:2.5_stable1:*:*:*:*:*:*:*
  • OR cpe:/a:national_science_foundation:squid_web_proxy_cache:2.5_stable2:*:*:*:*:*:*:*
  • OR cpe:/a:national_science_foundation:squid_web_proxy_cache:2.5_stable3:*:*:*:*:*:*:*
  • OR cpe:/a:national_science_foundation:squid_web_proxy_cache:2.5_stable4:*:*:*:*:*:*:*
  • OR cpe:/a:national_science_foundation:squid_web_proxy_cache:2.5_stable5:*:*:*:*:*:*:*
  • OR cpe:/a:national_science_foundation:squid_web_proxy_cache:2.5_stable6:*:*:*:*:*:*:*
  • OR cpe:/a:national_science_foundation:squid_web_proxy_cache:2.5_stable7:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:squid-cache:squid:2.5.stable5:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable7:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable4:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable3:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable1:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable2:*:*:*:*:*:*:*
  • AND
  • cpe:/o:freebsd:freebsd:*:*:*:*:*:*:*:*
  • OR cpe:/o:openbsd:openbsd:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition ID | Class | Title | Last Modified
    oval:org.mitre.oval:def:9711 | V | Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages. | 2013-04-29
    oval:com.redhat.rhsa:def:20050766 | P | RHSA-2005:766: squid security update (Important) | 2005-09-15
    national_science_foundation squid web proxy cache 2.5_stable1
    national_science_foundation squid web proxy cache 2.5_stable2
    national_science_foundation squid web proxy cache 2.5_stable3
    national_science_foundation squid web proxy cache 2.5_stable4
    national_science_foundation squid web proxy cache 2.5_stable5
    national_science_foundation squid web proxy cache 2.5_stable6
    national_science_foundation squid web proxy cache 2.5_stable7
    squid-cache squid 2.5.stable5
    squid-cache squid 2.5.stable7
    squid-cache squid 2.5.stable4
    squid-cache squid 2.5.stable3
    squid-cache squid 2.5.stable1
    squid-cache squid 2.5.stable2
    freebsd freebsd *
    openbsd openbsd *
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat linux advanced workstation 2.1