5

CVE-2005-0174

EPSS 85.95%
Veröffentlicht 07.02.2005 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters that are not part of a CRLF pair, and (3) header names containing whitespace characters.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 16

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Squid ≫ Squid Version2.5.6

Squid ≫ Squid Version2.5.stable1

Squid ≫ Squid Version2.5.stable2

Squid ≫ Squid Version2.5.stable3

Squid ≫ Squid Version2.5.stable4

Squid ≫ Squid Version2.5.stable5

Squid ≫ Squid Version2.5.stable6

Squid ≫ Squid Version2.5.stable7

Squid ≫ Squid Version2.5_.stable1

Squid ≫ Squid Version2.5_.stable3

Squid ≫ Squid Version2.5_.stable4

Squid ≫ Squid Version2.5_.stable5

Squid ≫ Squid Version2.5_.stable6

Squid ≫ Squid Version2.5_stable3

Squid ≫ Squid Version2.5_stable4

Squid ≫ Squid Version2.5_stable9

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	85.95%	0.993

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

http://fedoranews.org/updates/FEDORA--.shtml

http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html

http://www.novell.com/linux/security/advisories/2005_06_squid.html

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-060.html

Patch

http://www.redhat.com/support/errata/RHSA-2005-061.html

Patch

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000931

Vendor Advisory

http://marc.info/?l=bugtraq&m=110780531820947&w=2

http://www.kb.cert.org/vuls/id/768702

Third Party Advisory

US Government Resource

http://www.mandriva.com/security/advisories?name=MDKSA-2005:034

http://www.securityfocus.com/bid/12412

http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-header_parsing

Vendor Advisory

http://www3.br.squid-cache.org/Advisories/SQUID-2005_4.txt

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10656

https://nvd.nist.gov/vuln/detail/CVE-2005-0174

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-0174

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-0174

EUVD