CVE-2005-2917

NONE EPSS 87.4%
Published Sep 30, 200520y ago · Modified Jun 16, 20262w ago
Find Similar
Published Sep 30, 2005 20y ago
Last Modified Jun 16, 2026 2w ago

Description

Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).

Threat Intelligence

EPSS Exploit Probability
87.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 2

VendorProductVersionRange
squidsquid* ≤2.5.stable10
squidsquid2.5.9any

References 20

  • ftp.sco.com ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
  • patches.sgi.com ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U
  • fedoranews.org http://fedoranews.org/updates/FEDORA--.shtml
  • secunia.com http://secunia.com/advisories/16992
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/17015
  • secunia.com http://secunia.com/advisories/17050
  • secunia.com http://secunia.com/advisories/17177
  • secunia.com http://secunia.com/advisories/19161
  • secunia.com http://secunia.com/advisories/19532
  • securitytracker.com http://securitytracker.com/id?1014920
  • debian.org http://www.debian.org/security/2005/dsa-828
    PatchVendor Advisory
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2005:181
  • novell.com http://www.novell.com/linux/security/advisories/2005_27_sr.html
  • osvdb.org http://www.osvdb.org/19607
  • redhat.com http://www.redhat.com/support/errata/RHSA-2006-0045.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2006-0052.html
  • securityfocus.com http://www.securityfocus.com/bid/14977
  • ubuntu.com http://www.ubuntu.com/usn/usn-192-1/
  • exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/24282
  • oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11580

Remediation

  • secunia.com http://secunia.com/advisories/16992
    PatchVendor Advisory
  • debian.org http://www.debian.org/security/2005/dsa-828
    PatchVendor Advisory