CVE-2005-0446
NONE EPSS 98.5%
Published May 2, 200521y ago · Modified Jun 16, 20262w ago
Published May 2, 2005 21y ago
Last Modified Jun 16, 2026 2w ago
Description
Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure.
Threat Intelligence
EPSS Exploit Probability
98.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 59
| Vendor | Product | Version | Range |
|---|---|---|---|
| squid | squid | 2.0.patch1 | any |
| squid | squid | 2.0.patch2 | any |
| squid | squid | 2.0.pre1 | any |
| squid | squid | 2.0.release | any |
| squid | squid | 2.0_patch2 | any |
| squid | squid | 2.1.patch1 | any |
| squid | squid | 2.1.patch2 | any |
| squid | squid | 2.1.pre1 | any |
| squid | squid | 2.1.pre3 | any |
| squid | squid | 2.1.pre4 | any |
| squid | squid | 2.1.release | any |
| squid | squid | 2.1_patch2 | any |
| squid | squid | 2.2.devel3 | any |
| squid | squid | 2.2.devel4 | any |
| squid | squid | 2.2.pre1 | any |
| squid | squid | 2.2.pre2 | any |
| squid | squid | 2.2.stable1 | any |
| squid | squid | 2.2.stable2 | any |
| squid | squid | 2.2.stable3 | any |
| squid | squid | 2.2.stable4 | any |
| squid | squid | 2.2.stable5 | any |
| squid | squid | 2.3.devel2 | any |
| squid | squid | 2.3.devel3 | any |
| squid | squid | 2.3.stable1 | any |
| squid | squid | 2.3.stable2 | any |
| squid | squid | 2.3.stable3 | any |
| squid | squid | 2.3.stable4 | any |
| squid | squid | 2.3.stable5 | any |
| squid | squid | 2.3_.stable4 | any |
| squid | squid | 2.3_.stable5 | any |
| squid | squid | 2.3_stable5 | any |
| squid | squid | 2.4 | any |
| squid | squid | 2.4.stable1 | any |
| squid | squid | 2.4.stable2 | any |
| squid | squid | 2.4.stable3 | any |
| squid | squid | 2.4.stable4 | any |
| squid | squid | 2.4.stable6 | any |
| squid | squid | 2.4.stable7 | any |
| squid | squid | 2.4_.stable2 | any |
| squid | squid | 2.4_.stable6 | any |
| squid | squid | 2.4_.stable7 | any |
| squid | squid | 2.4_stable7 | any |
| squid | squid | 2.5.6 | any |
| squid | squid | 2.5.stable1 | any |
| squid | squid | 2.5.stable2 | any |
| squid | squid | 2.5.stable3 | any |
| squid | squid | 2.5.stable4 | any |
| squid | squid | 2.5.stable5 | any |
| squid | squid | 2.5.stable6 | any |
| squid | squid | 2.5.stable7 | any |
| squid | squid | 2.5.stable8 | any |
| squid | squid | 2.5_.stable1 | any |
| squid | squid | 2.5_.stable3 | any |
| squid | squid | 2.5_.stable4 | any |
| squid | squid | 2.5_.stable5 | any |
| squid | squid | 2.5_.stable6 | any |
| squid | squid | 2.5_stable3 | any |
| squid | squid | 2.5_stable4 | any |
| squid | squid | 2.5_stable9 | any |
References 14
- distro.conectiva.com.br http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000931
- fedoranews.org http://fedoranews.org/updates/FEDORA--.shtml
- marc.info http://marc.info/?l=bugtraq&m=110901183320453&w=2
- secunia.com http://secunia.com/advisories/14271
- debian.org http://www.debian.org/security/2005/dsa-688
- gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200502-25.xml
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2005:047
- redhat.com http://www.redhat.com/support/errata/RHSA-2005-173.html
- redhat.com http://www.redhat.com/support/errata/RHSA-2005-201.html
- securityfocus.com http://www.securityfocus.com/bid/12551
- squid-cache.org http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE8-dns_assert
- squid-cache.org http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE8-dns_assert.patch
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/19332
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11264
Remediation
- distro.conectiva.com.br http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000931
- secunia.com http://secunia.com/advisories/14271
- debian.org http://www.debian.org/security/2005/dsa-688
- gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200502-25.xml
- redhat.com http://www.redhat.com/support/errata/RHSA-2005-173.html
- squid-cache.org http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE8-dns_assert
- squid-cache.org http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE8-dns_assert.patch