Vulnerability CVE-2005-0095 - CERT Civis.Net

Vulnerability Name:

CVE-2005-0095 (CCN-18884)

Assigned:

2005-01-12

Published:

2005-01-12

Updated:

2017-10-11

Summary:

The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU cache numbers.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2005-0095

Source: CONECTIVA
Type: Patch, Vendor Advisory
CLA-2005:923

Source: FEDORA
Type: UNKNOWN
FLSA-2006:152809

Source: CCN
Type: RHSA-2005-060
squid security update

Source: CCN
Type: RHSA-2005-061
squid security update

Source: CCN
Type: SA13825
Squid Two Vulnerabilities

Source: SECUNIA
Type: Patch, Vendor Advisory
13825

Source: GENTOO
Type: Patch, Vendor Advisory
GLSA-200501-25

Source: CCN
Type: SECTRACK ID: 1012882
Squid Input Validation Error in Processing WCCP Messages Lets Remote Users Crash Squid

Source: SECTRACK
Type: UNKNOWN
1012882

Source: CCN
Type: CIAC Information Bulletin P-138
Updated Squid Package Fixes Security Issues

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-651

Source: DEBIAN
Type: DSA-651
squid -- buffer overflow

Source: CCN
Type: GLSA-200501-25
Squid: Multiple vulnerabilities

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2005:014

Source: SUSE
Type: Patch, Vendor Advisory
SUSE-SA:2005:006

Source: OSVDB
Type: UNKNOWN
12886

Source: CCN
Type: OSVDB ID: 12886
Squid Malformed WCCP_I_SEE_YOU Messsage DoS

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2005:060

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2005:061

Source: BID
Type: UNKNOWN
12275

Source: CCN
Type: BID-12275
Squid Proxy Web Cache Communication Protocol Denial Of Service Vulnerability

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.squid-cache.org/Advisories/SQUID-2005_2.txt

Source: CCN
Type: Squid Web Proxy Cache Web site
Denial of service with forged WCCP messages

Source: CONFIRM
Type: Exploit, Vendor Advisory
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_denial_of_service.patch

Source: TRUSTIX
Type: Patch, Vendor Advisory
2005-0003

Source: CCN
Type: TLSA-2005-24
Multiple vulnerabilities exist in Squid

Source: CCN
Type: USN-67-1
Squid vulnerabilities

Source: XF
Type: UNKNOWN
squid-wccp-dos(18884)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10269

Source: SUSE
Type: SUSE-SA:2005:006
squid: remote command execution

Source: SUSE
Type: SUSE-SR:2005:003
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:squid:squid:2.0_patch2:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.1_patch2:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.3_.stable4:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.3_.stable5:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.3_stable5:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.4:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.4_.stable2:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.4_.stable6:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.4_.stable7:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.4_stable7:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.5.6:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.5.stable1:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.5.stable2:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.5.stable3:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.5.stable4:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.5.stable5:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.5.stable6:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.5.stable7:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.5_.stable1:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.5_.stable3:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.5_.stable4:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.5_.stable5:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.5_.stable6:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.5_stable3:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.5_stable4:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.5_stable9:*:*:*:*:*:*:*

OR cpe:/a:squid:squid:2.6.stable1:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:squid-cache:squid:2.4:*:*:*:*:*:*:*

OR cpe:/a:squid-cache:squid:2.5.stable5:*:*:*:*:*:*:*

OR cpe:/a:squid-cache:squid:2.5.stable7:*:*:*:*:*:*:*

OR cpe:/a:squid-cache:squid:2.5.stable9:*:*:*:*:*:*:*

OR cpe:/a:squid-cache:squid:2.4.stable2:*:*:*:*:*:*:*

OR cpe:/a:squid-cache:squid:2.4.stable6:*:*:*:*:*:*:*

OR cpe:/a:squid-cache:squid:2.5.stable4:*:*:*:*:*:*:*

OR cpe:/a:squid-cache:squid:2.5.stable3:*:*:*:*:*:*:*

OR cpe:/a:squid-cache:squid:2.5.stable1:*:*:*:*:*:*:*

OR cpe:/a:squid-cache:squid:2.4.stable7:*:*:*:*:*:*:*

OR cpe:/a:squid-cache:squid:2.5.stable2:*:*:*:*:*:*:*

OR cpe:/a:squid-cache:squid:2.6.stable1:*:*:*:*:*:*:*

AND

cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*

OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux:8.1:*:*:*:*:*:*:*

OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*

OR cpe:/o:suse:suse_linux:8.2:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:2.1:*:aw:*:*:*:*:*

OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*

OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*

OR cpe:/o:suse:suse_linux:9.2:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:10.1::x86-64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:9.2::amd64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:10.0::amd64:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20050095	V	CVE-2005-0095	2015-11-16
oval:org.mitre.oval:def:10269	V	The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU cache numbers.	2013-04-29
oval:com.redhat.rhsa:def:20050060	P	RHSA-2005:060: squid security update (Important)	2005-02-15
oval:com.redhat.rhsa:def:20050061	P	RHSA-2005:061: squid security update (Important)	2005-02-11
oval:org.debian:def:651	V	buffer overflow, integer overflow	2005-01-20