Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD44E7764C-2614-11DA-9E1E-C296AC722CB3
HistorySep 12, 2005 - 12:00 a.m.

squid -- possible denial of service condition regarding NTLM authentication

2005-09-1200:00:00
vuxml.freebsd.org
16

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.96 High

EPSS

Percentile

99.5%

JSON

The squid patches page notes:

Squid may crash with the above error [FATAL: Incorrect scheme in
auth header] when given certain request sentences.
Workaround: disable NTLM authentication.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchsquid< 2.5.10_6UNKNOWN

Related

nessus 10
openvas 6
ubuntu 1
osv 1
cve 1
redhat 2
ubuntucve 1
checkpoint_advisories 1
centos 2
debian 2
nvd 1
debiancve 1
cvelist 1
nessus
nessus
Mandrake Linux Security Advisory : squid (MDKSA-2005:181)
2005-10-19 00:00:00
RHEL 4 : squid (RHSA-2006:0052)
2006-03-08 00:00:00
Debian DSA-828-1 : squid - authentication handling
2005-10-05 00:00:00
openvas
openvas
FreeBSD Ports: squid
2008-09-04 00:00:00
FreeBSD Ports: squid
2008-09-04 00:00:00
Debian Security Advisory DSA 828-1 (squid)
2008-01-17 00:00:00
ubuntu
ubuntu
Squid vulnerability
2005-10-01 00:00:00
osv
osv
squid - several
2005-09-30 00:00:00
cve
cve
CVE-2005-2917
2005-09-30 18:05:00
redhat
redhat
(RHSA-2006:0045) squid security update
2006-03-15 09:27:16
(RHSA-2006:0052) squid security update
2006-03-07 12:56:55
ubuntucve
ubuntucve
CVE-2005-2917
2005-09-30 00:00:00
checkpoint_advisories
checkpoint_advisories
Squid Authentication Headers Handling Denial of Service (CVE-2005-2917)
2009-11-03 00:00:00
centos
centos
squid security update
2006-03-15 22:54:21
squid security update
2006-03-08 00:19:36
debian
debian
[SECURITY] [DSA 828-1] New squid packages fix denial of service
2005-09-30 05:23:10
[SECURITY] [DSA 828-1] New squid packages fix denial of service
2005-09-30 05:23:10
nvd
nvd
CVE-2005-2917
2005-09-30 18:05:00
debiancve
debiancve
CVE-2005-2917
2005-09-30 18:05:00
cvelist
cvelist
CVE-2005-2917
2005-09-30 04:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.96 High

EPSS

Percentile

99.5%

JSON
Related for 44E7764C-2614-11DA-9E1E-C296AC722CB3
nessus10openvas6ubuntu1osv1cve1redhat2ubuntucve1checkpoint_advisories1centos2debian2nvd1debiancve1cvelist1