Vulnerability Name:

CVE-2005-2917 (CCN-24282)

Assigned:2005-09-15
Published:2005-09-15
Updated:2017-10-11
Summary:Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: SCO
Type: UNKNOWN
SCOSA-2005.49

Source: SGI
Type: UNKNOWN
20060401-01-U

Source: CCN
Type: SGI Security Advisory 20060401-01-U
SGI Advanced Linux Environment 3 Security Update #56

Source: MITRE
Type: CNA
CVE-2005-2917

Source: FEDORA
Type: UNKNOWN
FLSA-2006:152809

Source: CCN
Type: RHSA-2006-0045
squid security update

Source: CCN
Type: RHSA-2006-0052
squid security update

Source: CCN
Type: SA16992
Squid NTLM Authentication Handling Denial of Service

Source: SECUNIA
Type: Patch, Vendor Advisory
16992

Source: SECUNIA
Type: UNKNOWN
17015

Source: SECUNIA
Type: UNKNOWN
17050

Source: SECUNIA
Type: UNKNOWN
17177

Source: SECUNIA
Type: UNKNOWN
19161

Source: SECUNIA
Type: UNKNOWN
19532

Source: CCN
Type: SECTRACK ID: 1014920
Squid Can Be Crashed By Remote Users With Specially Crafted Authentication Headers

Source: SECTRACK
Type: UNKNOWN
1014920

Source: CCN
Type: ASA-2006-067
squid security update (RHSA-2006-0052)

Source: CCN
Type: ASA-2006-072
squid security update (RHSA-2006-0045)

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-828

Source: DEBIAN
Type: DSA-828
squid -- authentication handling

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2005:181

Source: SUSE
Type: UNKNOWN
SUSE-SR:2005:027

Source: OSVDB
Type: UNKNOWN
19607

Source: CCN
Type: OSVDB ID: 19607
Squid Crafted NTLM Authentication Header DoS

Source: REDHAT
Type: UNKNOWN
RHSA-2006:0045

Source: REDHAT
Type: UNKNOWN
RHSA-2006:0052

Source: BID
Type: UNKNOWN
14977

Source: CCN
Type: BID-14977
Squid Proxy Client NTLM Authentication Denial Of Service Vulnerability

Source: CCN
Type: Squid 2.5 Web page
Squid-2.5 Patches

Source: CCN
Type: TLSA-2005-101
Squid denial of service attack

Source: CCN
Type: USN-192-1
Squid vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-192-1

Source: XF
Type: UNKNOWN
squid-ntlm-authentication-dos(24282)

Source: XF
Type: UNKNOWN
squid-ntlm-authentication-dos(24282)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11580

Source: SUSE
Type: SUSE-SR:2005:025
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2005:027
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:squid:squid:2.5.9:*:*:*:*:*:*:*
  • OR cpe:/a:squid:squid:*:*:*:*:*:*:*:* (Version <= 2.5.stable10)

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:squid-cache:squid:2.5.stable5:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable7:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable9:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable10:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable4:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable3:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable1:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable2:*:*:*:*:*:*:*
  • OR cpe:/a:squid-cache:squid:2.5.stable8:*:*:*:*:*:*:*
  • AND
  • cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20052917
    V
    		CVE-2005-2917
    2015-11-16
    oval:org.mitre.oval:def:11580
    V
    		Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).
    2013-04-29
    oval:com.redhat.rhsa:def:20060045
    P
    		RHSA-2006:0045: squid security update (Moderate)
    2006-03-15
    oval:com.redhat.rhsa:def:20060052
    P
    		RHSA-2006:0052: squid security update (Moderate)
    2006-03-07
    oval:org.debian:def:828
    V
    		authentication handling
    2005-09-30
    BACK
    squid squid 2.5.9
    squid squid *
    squid-cache squid 2.5.stable5
    squid-cache squid 2.5.stable7
    squid-cache squid 2.5.stable9
    squid-cache squid 2.5.stable10
    squid-cache squid 2.5.stable4
    squid-cache squid 2.5.stable3
    squid-cache squid 2.5.stable1
    squid-cache squid 2.5.stable2
    squid-cache squid 2.5.stable8
    mandrakesoft mandrake linux corporate server 2.1
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    debian debian linux 3.1
    mandrakesoft mandrake multi network firewall 2.0
    mandrakesoft mandrake linux 2006
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux 2006
    mandrakesoft mandrake linux corporate server 3.0
    mandrakesoft mandrake linux corporate server 2.1