2.6

CVE-2005-0626

Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows attackers to steal the related cookies.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SquidSquid Version2.5.stable5
SquidSquid Version2.5.stable6
SquidSquid Version2.5.stable7
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.35% 0.679
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.6 4.9 2.9
AV:N/AC:H/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://fedoranews.org/updates/FEDORA--.shtml
http://www.redhat.com/support/errata/RHSA-2005-415.html
http://www.securityfocus.com/bid/12716
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-setcookie
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/19581
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11169
https://usn.ubuntu.com/93-1/