Vulnerability Name:

CVE-2005-0095 (CCN-18884)

Assigned:2005-01-12
Published:2005-01-12
Updated:2017-10-11
Summary:The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU cache numbers.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2005-0095

Source: CONECTIVA
Type: Patch, Vendor Advisory
CLA-2005:923

Source: FEDORA
Type: UNKNOWN
FLSA-2006:152809

Source: CCN
Type: RHSA-2005-060
squid security update

Source: CCN
Type: RHSA-2005-061
squid security update

Source: CCN
Type: SA13825
Squid Two Vulnerabilities

Source: SECUNIA
Type: Patch, Vendor Advisory
13825

Source: GENTOO
Type: Patch, Vendor Advisory
GLSA-200501-25

Source: CCN
Type: SECTRACK ID: 1012882
Squid Input Validation Error in Processing WCCP Messages Lets Remote Users Crash Squid

Source: SECTRACK
Type: UNKNOWN
1012882

Source: CCN
Type: CIAC Information Bulletin P-138
Updated Squid Package Fixes Security Issues

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-651

Source: DEBIAN
Type: DSA-651
squid -- buffer overflow

Source: CCN
Type: GLSA-200501-25
Squid: Multiple vulnerabilities

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2005:014

Source: SUSE
Type: Patch, Vendor Advisory
SUSE-SA:2005:006

Source: OSVDB
Type: UNKNOWN
12886

Source: CCN
Type: OSVDB ID: 12886
Squid Malformed WCCP_I_SEE_YOU Messsage DoS

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2005:060

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2005:061

Source: BID
Type: UNKNOWN
12275

Source: CCN
Type: BID-12275
Squid Proxy Web Cache Communication Protocol Denial Of Service Vulnerability

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.squid-cache.org/Advisories/SQUID-2005_2.txt

Source: CCN
Type: Squid Web Proxy Cache Web site
Denial of service with forged WCCP messages

Source: CONFIRM
Type: Exploit, Vendor Advisory
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_denial_of_service.patch

Source: TRUSTIX
Type: Patch, Vendor Advisory
2005-0003

Source: CCN
Type: TLSA-2005-24
Multiple vulnerabilities exist in Squid

Source: CCN
Type: USN-67-1
Squid vulnerabilities

Source: XF
Type: UNKNOWN
squid-wccp-dos(18884)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10269

Source: SUSE
Type: SUSE-SA:2005:006
squid: remote command execution

Source: SUSE
Type: SUSE-SR:2005:003
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:squid:squid:2.0_patch2:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.1_patch2:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.3_.stable4:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.3_.stable5:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.3_stable5:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.4:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.4_.stable2:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.4_.stable6:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.4_.stable7:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.4_stable7:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5.6:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5.stable1:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5.stable2:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5.stable3:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5.stable4:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5.stable5:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5.stable6:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5.stable7:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5_.stable1:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5_.stable3:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5_.stable4:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5_.stable5:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5_.stable6:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5_stable3:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5_stable4:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.5_stable9:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:2.6.stable1:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:squid-cache:squid:2.4:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable5:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable7:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable9:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.4.stable2:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.4.stable6:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable4:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable3:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable1:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.4.stable7:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable2:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.6.stable1:*:*:*:*:*:*:*
  • AND
  • cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.1:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:aw:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.2::amd64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0::amd64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20050095
    V
    CVE-2005-0095
    2015-11-16
    oval:org.mitre.oval:def:10269
    V
    The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU cache numbers.
    2013-04-29
    oval:com.redhat.rhsa:def:20050060
    P
    RHSA-2005:060: squid security update (Important)
    2005-02-15
    oval:com.redhat.rhsa:def:20050061
    P
    RHSA-2005:061: squid security update (Important)
    2005-02-11
    oval:org.debian:def:651
    V
    buffer overflow, integer overflow
    2005-01-20
    BACK
    squid squid 2.0_patch2
    squid squid 2.1_patch2
    squid squid 2.3_.stable4
    squid squid 2.3_.stable5
    squid squid 2.3_stable5
    squid squid 2.4
    squid squid 2.4_.stable2
    squid squid 2.4_.stable6
    squid squid 2.4_.stable7
    squid squid 2.4_stable7
    squid squid 2.5.6
    squid squid 2.5.stable1
    squid squid 2.5.stable2
    squid squid 2.5.stable3
    squid squid 2.5.stable4
    squid squid 2.5.stable5
    squid squid 2.5.stable6
    squid squid 2.5.stable7
    squid squid 2.5_.stable1
    squid squid 2.5_.stable3
    squid squid 2.5_.stable4
    squid squid 2.5_.stable5
    squid squid 2.5_.stable6
    squid squid 2.5_stable3
    squid squid 2.5_stable4
    squid squid 2.5_stable9
    squid squid 2.6.stable1
    squid-cache squid 2.4
    squid-cache squid 2.5.stable5
    squid-cache squid 2.5.stable7
    squid-cache squid 2.5.stable9
    squid-cache squid 2.4.stable2
    squid-cache squid 2.4.stable6
    squid-cache squid 2.5.stable4
    squid-cache squid 2.5.stable3
    squid-cache squid 2.5.stable1
    squid-cache squid 2.4.stable7
    squid-cache squid 2.5.stable2
    squid-cache squid 2.6.stable1
    debian debian linux 3.0
    gentoo linux *
    suse suse linux 8.1
    suse linux enterprise server 8
    mandrakesoft mandrake linux corporate server 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    suse suse linux 8.2
    redhat enterprise linux 2.1
    suse suse linux 9.0
    mandrakesoft mandrake linux 9.2
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    mandrakesoft mandrake linux 10.0
    suse suse linux 9.1
    redhat enterprise linux 3
    suse suse linux 9.2
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat linux advanced workstation 2.1
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux 9.2
    mandrakesoft mandrake linux 10.0
    mandrakesoft mandrake linux corporate server 2.1