5

CVE-2005-0174

Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters that are not part of a CRLF pair, and (3) header names containing whitespace characters.

Data is provided by the National Vulnerability Database (NVD)
SquidSquid Version2.5.6
SquidSquid Version2.5.stable1
SquidSquid Version2.5.stable2
SquidSquid Version2.5.stable3
SquidSquid Version2.5.stable4
SquidSquid Version2.5.stable5
SquidSquid Version2.5.stable6
SquidSquid Version2.5.stable7
SquidSquid Version2.5_.stable1
SquidSquid Version2.5_.stable3
SquidSquid Version2.5_.stable4
SquidSquid Version2.5_.stable5
SquidSquid Version2.5_.stable6
SquidSquid Version2.5_stable3
SquidSquid Version2.5_stable4
SquidSquid Version2.5_stable9
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 85.95% 0.993
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N
http://www.kb.cert.org/vuls/id/768702
Third Party Advisory
US Government Resource