Squid is a full-featured Web proxy cache.
A bug was found in the way Squid handles FQDN lookups. A carefully
crafted DNS response to an FQDN lookup could crash the Squid server,
resulting in a denial of service. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-0446
to this issue (listed as CVE-2005-0446 in the records below).
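Users of Squid should upgrade to this updated package, which contains a
backported patch and is not vulnerable to this issue. Because the fix is
backported, the upstream Squid version number may not change; confirm
the fix by the distribution's package release rather than by the
upstream version string.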
{"debiancve": [{"lastseen": "2022-12-17T15:21:17", "description": "Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure.", "cvss3": {}, "published": "2005-05-02T04:00:00", "type": "debiancve", "title": "CVE-2005-0446", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0446"], "modified": "2005-05-02T04:00:00", "id": "DEBIANCVE:CVE-2005-0446", "href": "https://security-tracker.debian.org/tracker/CVE-2005-0446", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2017-07-24T12:50:09", "description": "The remote host is missing an update to squid\nannounced via advisory DSA 688-1.", "cvss3": {}, "published": "2008-01-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 688-1 (squid)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-0446"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:53518", "href": "http://plugins.openvas.org/nasl.php?oid=53518", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_688_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 688-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Upstream developers have discovered several problems in squid, the\nInternet object cache, the popular WWW proxy cache. A remote attacker\ncan cause squid to crash via certain DNS responses.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 2.4.6-2woody7.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 2.5.8-3.\n\nWe recommend that you upgrade your squid package.\";\ntag_summary = \"The remote host is missing an update to squid\nannounced via advisory DSA 688-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20688-1\";\n\nif(description)\n{\n script_id(53518);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:56:38 +0100 (Thu, 17 Jan 2008)\");\n script_bugtraq_id(12551);\n script_cve_id(\"CVE-2005-0446\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security 
Advisory DSA 688-1 (squid)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"squid\", ver:\"2.4.6-2woody7\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squid-cgi\", ver:\"2.4.6-2woody7\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"squidclient\", ver:\"2.4.6-2woody7\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:02", "description": "The remote host is missing updates announced in\nadvisory GLSA 200502-25.", "cvss3": {}, "published": "2008-09-24T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200502-25 (Squid)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-0446"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:54857", "href": "http://plugins.openvas.org/nasl.php?oid=54857", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Squid contains a bug in the handling of certain DNS responses resulting in\na Denial of Service.\";\ntag_solution = \"All Squid users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-proxy/squid-2.5.8'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200502-25\nhttp://bugs.gentoo.org/show_bug.cgi?id=81997\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200502-25.\";\n\n \n\nif(description)\n{\n script_id(54857);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_bugtraq_id(12551);\n script_cve_id(\"CVE-2005-0446\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200502-25 (Squid)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"www-proxy/squid\", unaffected: make_list(\"ge 2.5.8\"), vulnerable: make_list(\"lt 2.5.8\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:17", "description": "The remote host is missing updates to packages that affect\nthe security of your system. 
One or more of the following packages\nare affected:\n\n squid\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5020457 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for squid", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-0446", "CVE-2005-0241"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065314", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065314", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5020457.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for squid\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. 
One or more of the following packages\nare affected:\n\n squid\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5020457 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65314\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-0446\", \"CVE-2005-0241\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES9: Security update for squid\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~2.5.STABLE5~42.30\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:55:12", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n squid\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5020457 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "cvss3": {}, "published": "2009-10-10T00:00:00", "type": "openvas", "title": "SLES9: Security update for squid", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-0446", "CVE-2005-0241"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:65314", "href": "http://plugins.openvas.org/nasl.php?oid=65314", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5020457.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for squid\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n squid\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5020457 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65314);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2005-0446\", \"CVE-2005-0241\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES9: Security update for squid\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squid\", rpm:\"squid~2.5.STABLE5~42.30\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:15", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2008-09-04T00:00:00", "type": "openvas", "title": "FreeBSD Ports: squid", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-0446", "CVE-2005-0096", "CVE-2005-0097"], "modified": "2016-09-30T00:00:00", "id": "OPENVAS:53003", "href": "http://plugins.openvas.org/nasl.php?oid=53003", "sourceData": "#\n#VID 5bf1a715-cc57-440f-b0a5-6406961c54a7\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: squid\n\nCVE-2005-0446\nSquid 2.5.STABLE8 and earlier allows remote attackers to cause a\ndenial of service (crash) via certain DNS responses regarding (1)\nFully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses\nin ipcache.c, which trigger an assertion failure.\n\nCVE-2005-0096\nMemory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and\nearlier allows remote attackers to cause a denial of service (memory\nconsumption).\n\nCVE-2005-0097\nThe NTLM component in Squid 2.5.STABLE7 and earlier allows remote\nattackers to cause a denial of service (crash) via a malformed NTLM\ntype 3 message that triggers a NULL dereference.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE8-dns_assert\nhttp://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth\nhttp://www.vuxml.org/freebsd/5bf1a715-cc57-440f-b0a5-6406961c54a7.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced 
advisory.\";\n\n\nif(description)\n{\n script_id(53003);\n script_version(\"$Revision: 4188 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-30 07:56:47 +0200 (Fri, 30 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2005-0446\", \"CVE-2005-0096\", \"CVE-2005-0097\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Ports: squid\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"squid\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.5.9\")<0) {\n txt += 'Package squid version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "debian": [{"lastseen": "2021-12-03T02:30:05", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 688-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nFebruary 23rd, 2005 http://www.debian.org/security/faq\n- 
--------------------------------------------------------------------------\n\nPackage : squid\nVulnerability : mising input sanitising\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CAN-2005-0446\n\nUpstream developers have discovered several problems in squid, the\nInternet object cache, the popular WWW proxy cache. A remote attacker\ncan cause squid to crash via certain DNS responses.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 2.4.6-2woody7.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 2.5.8-3.\n\nWe recommend that you upgrade your squid package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7.dsc\n Size/MD5 checksum: 612 bc9dc33a502eb9e0b4293c9a0e2aef18\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7.diff.gz\n Size/MD5 checksum: 236440 d1c8a57810656ee89295c82054824f8e\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6.orig.tar.gz\n Size/MD5 checksum: 1081920 59ce2c58da189626d77e27b9702ca228\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_alpha.deb\n Size/MD5 checksum: 815502 5baa03bdbc5258c31a9c093fd567084c\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_alpha.deb\n Size/MD5 checksum: 75622 5cfae27e8324a0ca0dfccb3dfbadcb1a\n 
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_alpha.deb\n Size/MD5 checksum: 60366 fde4ec72c5629fe0d7f38b873c27e620\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_arm.deb\n Size/MD5 checksum: 726008 61adcf77023bbaa37db5e9161acf4050\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_arm.deb\n Size/MD5 checksum: 73382 5f3e398939e6a277ea015f9f3235eff1\n http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_arm.deb\n Size/MD5 checksum: 58704 ad58694d9fb083e67809a98f71187dad\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_i386.deb\n Size/MD5 checksum: 684338 577c9a8008c5ede1a4f16ef8520ed4c7\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_i386.deb\n Size/MD5 checksum: 73884 203f95f882aa4ea3ba68076fdcf94cfe\n http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_i386.deb\n Size/MD5 checksum: 58396 28dc7b3ad6406d51bf932600b85ece0b\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_ia64.deb\n Size/MD5 checksum: 953954 d79a494213f89d9c021273c55fa14490\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_ia64.deb\n Size/MD5 checksum: 79476 b227a17db6a5f115d99598210ed5d5f3\n http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_ia64.deb\n Size/MD5 checksum: 63034 23204a45be54339b31e04e9358e357c6\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_hppa.deb\n Size/MD5 checksum: 779584 c37982b618205e53554cdbdedfed1729\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_hppa.deb\n Size/MD5 checksum: 74828 d1f1807974aa091d258dda40f1a5e27a\n http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_hppa.deb\n Size/MD5 checksum: 
59842 38372550333e90fba53558ab8ed9eebc\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_m68k.deb\n Size/MD5 checksum: 666248 649f02e2b065d64a7059c08b3aa38bfc\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_m68k.deb\n Size/MD5 checksum: 72730 cbbc04070becff9dbf07f8816a33a13c\n http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_m68k.deb\n Size/MD5 checksum: 57938 c0410320db936951124d49f799e77057\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_mips.deb\n Size/MD5 checksum: 765390 4f877c9010ee2ef13ba96b7105e3e19a\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_mips.deb\n Size/MD5 checksum: 74354 9b425951580d0d782cf0622003673fba\n http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_mips.deb\n Size/MD5 checksum: 58992 dd15f0bd3279f7012024121d60ecaeed\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_mipsel.deb\n Size/MD5 checksum: 765608 2e798cbf5b623b7c2bf06a13aebbefc0\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_mipsel.deb\n Size/MD5 checksum: 74478 6b9d563241173ef6f9baa4a0c6d73a69\n http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_mipsel.deb\n Size/MD5 checksum: 59102 833e1a5808ff69aa664fd055d713a03c\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_powerpc.deb\n Size/MD5 checksum: 722756 32ce8c5e69389b970843ed0b82691894\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_powerpc.deb\n Size/MD5 checksum: 73378 2661e53c7a134e96d8da81a3c3284bd1\n http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_powerpc.deb\n Size/MD5 checksum: 58586 c8d689cd3c7c09b9d119ab2c502f7d39\n\n IBM S/390 architecture:\n\n 
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_s390.deb\n Size/MD5 checksum: 712300 40f6212bc20c134923cf1048cfd5245b\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_s390.deb\n Size/MD5 checksum: 73728 e696e11731b0ffe2a00d883bdc3d16cd\n http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_s390.deb\n Size/MD5 checksum: 59156 653037fec730df2155e51aa4d2809ee3\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_sparc.deb\n Size/MD5 checksum: 724706 3339a3b62ec6e672725c20f012759b4b\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_sparc.deb\n Size/MD5 checksum: 76012 cda6d662b54f46a831d8566f6f8f095b\n http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_sparc.deb\n Size/MD5 checksum: 61020 36640727d0e8c5e400de0c04630c961b\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2005-02-23T11:09:45", "type": "debian", "title": "[SECURITY] [DSA 688-1] New squid packages fix denial of service", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, 
"obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0446"], "modified": "2005-02-23T11:09:45", "id": "DEBIAN:DSA-688-1:95C6D", "href": "https://lists.debian.org/debian-security-announce/2005/msg00067.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-22T03:53:14", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 688-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nFebruary 23rd, 2005 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : squid\nVulnerability : mising input sanitising\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CAN-2005-0446\n\nUpstream developers have discovered several problems in squid, the\nInternet object cache, the popular WWW proxy cache. A remote attacker\ncan cause squid to crash via certain DNS responses.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 2.4.6-2woody7.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 2.5.8-3.\n\nWe recommend that you upgrade your squid package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7.dsc\n Size/MD5 checksum: 612 bc9dc33a502eb9e0b4293c9a0e2aef18\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7.diff.gz\n Size/MD5 checksum: 236440 
d1c8a57810656ee89295c82054824f8e\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6.orig.tar.gz\n Size/MD5 checksum: 1081920 59ce2c58da189626d77e27b9702ca228\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_alpha.deb\n Size/MD5 checksum: 815502 5baa03bdbc5258c31a9c093fd567084c\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_alpha.deb\n Size/MD5 checksum: 75622 5cfae27e8324a0ca0dfccb3dfbadcb1a\n http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_alpha.deb\n Size/MD5 checksum: 60366 fde4ec72c5629fe0d7f38b873c27e620\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_arm.deb\n Size/MD5 checksum: 726008 61adcf77023bbaa37db5e9161acf4050\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_arm.deb\n Size/MD5 checksum: 73382 5f3e398939e6a277ea015f9f3235eff1\n http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_arm.deb\n Size/MD5 checksum: 58704 ad58694d9fb083e67809a98f71187dad\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_i386.deb\n Size/MD5 checksum: 684338 577c9a8008c5ede1a4f16ef8520ed4c7\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_i386.deb\n Size/MD5 checksum: 73884 203f95f882aa4ea3ba68076fdcf94cfe\n http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_i386.deb\n Size/MD5 checksum: 58396 28dc7b3ad6406d51bf932600b85ece0b\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_ia64.deb\n Size/MD5 checksum: 953954 d79a494213f89d9c021273c55fa14490\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_ia64.deb\n Size/MD5 checksum: 79476 b227a17db6a5f115d99598210ed5d5f3\n 
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_ia64.deb\n Size/MD5 checksum: 63034 23204a45be54339b31e04e9358e357c6\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_hppa.deb\n Size/MD5 checksum: 779584 c37982b618205e53554cdbdedfed1729\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_hppa.deb\n Size/MD5 checksum: 74828 d1f1807974aa091d258dda40f1a5e27a\n http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_hppa.deb\n Size/MD5 checksum: 59842 38372550333e90fba53558ab8ed9eebc\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_m68k.deb\n Size/MD5 checksum: 666248 649f02e2b065d64a7059c08b3aa38bfc\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_m68k.deb\n Size/MD5 checksum: 72730 cbbc04070becff9dbf07f8816a33a13c\n http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_m68k.deb\n Size/MD5 checksum: 57938 c0410320db936951124d49f799e77057\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_mips.deb\n Size/MD5 checksum: 765390 4f877c9010ee2ef13ba96b7105e3e19a\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_mips.deb\n Size/MD5 checksum: 74354 9b425951580d0d782cf0622003673fba\n http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_mips.deb\n Size/MD5 checksum: 58992 dd15f0bd3279f7012024121d60ecaeed\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_mipsel.deb\n Size/MD5 checksum: 765608 2e798cbf5b623b7c2bf06a13aebbefc0\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_mipsel.deb\n Size/MD5 checksum: 74478 6b9d563241173ef6f9baa4a0c6d73a69\n 
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_mipsel.deb\n Size/MD5 checksum: 59102 833e1a5808ff69aa664fd055d713a03c\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_powerpc.deb\n Size/MD5 checksum: 722756 32ce8c5e69389b970843ed0b82691894\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_powerpc.deb\n Size/MD5 checksum: 73378 2661e53c7a134e96d8da81a3c3284bd1\n http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_powerpc.deb\n Size/MD5 checksum: 58586 c8d689cd3c7c09b9d119ab2c502f7d39\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_s390.deb\n Size/MD5 checksum: 712300 40f6212bc20c134923cf1048cfd5245b\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_s390.deb\n Size/MD5 checksum: 73728 e696e11731b0ffe2a00d883bdc3d16cd\n http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_s390.deb\n Size/MD5 checksum: 59156 653037fec730df2155e51aa4d2809ee3\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2woody7_sparc.deb\n Size/MD5 checksum: 724706 3339a3b62ec6e672725c20f012759b4b\n http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2woody7_sparc.deb\n Size/MD5 checksum: 76012 cda6d662b54f46a831d8566f6f8f095b\n http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6-2woody7_sparc.deb\n Size/MD5 checksum: 61020 36640727d0e8c5e400de0c04630c961b\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show 
<pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2005-02-23T11:09:45", "type": "debian", "title": "[SECURITY] [DSA 688-1] New squid packages fix denial of service", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0446"], "modified": "2005-02-23T11:09:45", "id": "DEBIAN:DSA-688-1:FF82B", "href": "https://lists.debian.org/debian-security-announce/2005/msg00067.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2021-10-21T04:44:36", "description": "Squid is a full-featured Web proxy cache. \n \nA bug was found in the way Squid handles fully qualified domain name (FQDN)\nlookups. A malicious DNS server could crash Squid by sending a carefully\ncrafted DNS response to an FQDN lookup. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CAN-2005-0446 to\nthis issue. \n \nThis erratum also includes two minor patches to the LDAP helpers. One \ncorrects a slight malformation in ldap search requests (although all \nknown LDAP servers accept the requests). The other adds documentation \nfor the -v option to the ldap helpers. 
\n \nUsers of Squid should upgrade to this updated package, which contains a \nbackported patch, and is not vulnerable to this issue.", "cvss3": {}, "published": "2005-03-16T00:00:00", "type": "redhat", "title": "(RHSA-2005:201) squid security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0446"], "modified": "2017-09-08T08:19:49", "id": "RHSA-2005:201", "href": "https://access.redhat.com/errata/RHSA-2005:201", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-21T04:46:05", "description": "The dhcp package provides the ISC Dynamic Host Configuration Protocol\n(DHCP) server and relay agent, dhcpd. DHCP is a protocol that allows\ndevices to get their own network configuration information from a server.\n\nA bug was found in the way dhcpd logs error messages. A malicious DNS\nserver could send a carefully crafted DNS reply and cause dhcpd to crash or\npossibly execute arbitrary code. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the name CAN-2005-0446 to this issue. 
\n\nAll users of dhcp should upgrade to this updated package, which contains a\nbackported patch and is not vulnerable to this issue.", "cvss3": {}, "published": "2005-04-12T00:00:00", "type": "redhat", "title": "(RHSA-2005:212) dhcp security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2004-1006", "CVE-2005-0446"], "modified": "2018-03-14T15:28:04", "id": "RHSA-2005:212", "href": "https://access.redhat.com/errata/RHSA-2005:212", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-01-11T14:39:43", "description": "Updated squid packages that fix a denial of service issue are now available.\n\nThis update has been rated as having important security impact by the Red Hat Security Response Team\n\nSquid is a full-featured Web proxy cache.\n\nA bug was found in the way Squid handles FQDN lookups. It was possible to crash the Squid server by sending a carefully crafted DNS response to an FQDN lookup. 
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0446 to this issue.\n\nUsers of squid should upgrade to this updated package, which contains a backported patch, and is not vulnerable to this issue.", "cvss3": {}, "published": "2005-03-04T00:00:00", "type": "nessus", "title": "RHEL 2.1 / 3 : squid (RHSA-2005:173)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0446"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:squid", "cpe:/o:redhat:enterprise_linux:2.1", "cpe:/o:redhat:enterprise_linux:3"], "id": "REDHAT-RHSA-2005-173.NASL", "href": "https://www.tenable.com/plugins/nessus/17264", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:173. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(17264);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-0446\");\n script_xref(name:\"RHSA\", value:\"2005:173\");\n\n script_name(english:\"RHEL 2.1 / 3 : squid (RHSA-2005:173)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated squid packages that fix a denial of service issue are now\navailable.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team\n\nSquid is a full-featured Web proxy cache.\n\nA bug was found in the way Squid handles FQDN lookups. It was possible\nto crash the Squid server by sending a carefully crafted DNS response\nto an FQDN lookup. 
The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2005-0446 to this issue.\n\nUsers of squid should upgrade to this updated package, which contains\na backported patch, and is not vulnerable to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0446\"\n );\n # http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE8-dns_assert\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bacf8ab4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2005:173\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected squid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/03/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(2\\.1|3)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2005:173\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"squid-2.4.STABLE7-1.21as.5\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"squid-2.5.STABLE3-6.3E.8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : 
rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:38:12", "description": "Upstream developers have discovered several problems in squid, the Internet object cache, the popular WWW proxy cache. A remote attacker can cause squid to crash via certain DNS responses.", "cvss3": {}, "published": "2005-02-23T00:00:00", "type": "nessus", "title": "Debian DSA-688-1 : squid - missing input sanitising", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0446"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:squid", "cpe:/o:debian:debian_linux:3.0"], "id": "DEBIAN_DSA-688.NASL", "href": "https://www.tenable.com/plugins/nessus/17196", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-688. 
The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(17196);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2005-0446\");\n script_xref(name:\"DSA\", value:\"688\");\n\n script_name(english:\"Debian DSA-688-1 : squid - missing input sanitising\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upstream developers have discovered several problems in squid, the\nInternet object cache, the popular WWW proxy cache. A remote attacker\ncan cause squid to crash via certain DNS responses.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2005/dsa-688\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the squid package.\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 2.4.6-2woody7.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/02/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/02/23\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/02/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n 
script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"squid\", reference:\"2.4.6-2woody7\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"squid-cgi\", reference:\"2.4.6-2woody7\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"squidclient\", reference:\"2.4.6-2woody7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:38:24", "description": "The remote host is affected by the vulnerability described in GLSA-200502-25 (Squid: Denial of Service through DNS responses)\n\n Handling of certain DNS responses trigger assertion failures.\n Impact :\n\n By returning a specially crafted DNS response an attacker could cause Squid to crash by triggering an assertion failure.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2005-02-18T00:00:00", "type": "nessus", "title": "GLSA-200502-25 : Squid: Denial of Service through DNS responses", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, 
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0446"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:squid", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200502-25.NASL", "href": "https://www.tenable.com/plugins/nessus/17144", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200502-25.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(17144);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-0446\");\n script_xref(name:\"GLSA\", value:\"200502-25\");\n\n script_name(english:\"GLSA-200502-25 : Squid: Denial of Service through DNS responses\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200502-25\n(Squid: Denial of Service through DNS responses)\n\n Handling of certain DNS responses trigger assertion failures.\n \nImpact :\n\n By returning a specially crafted DNS response an attacker could\n cause Squid to crash by triggering an assertion failure.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"https://security.gentoo.org/glsa/200502-25\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Squid users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-proxy/squid-2.5.8'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/02/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/02/18\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/02/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-proxy/squid\", unaffected:make_list(\"ge 2.5.8\"), vulnerable:make_list(\"lt 2.5.8\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Squid\");\n}\n", "cvss": {"score": 
5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:40:33", "description": "An updated squid package that fixes a denial of service issue is now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nSquid is a full-featured Web proxy cache.\n\nA bug was found in the way Squid handles fully qualified domain name (FQDN) lookups. A malicious DNS server could crash Squid by sending a carefully crafted DNS response to an FQDN lookup. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0446 to this issue.\n\nThis erratum also includes two minor patches to the LDAP helpers. One corrects a slight malformation in ldap search requests (although all known LDAP servers accept the requests). The other adds documentation for the -v option to the ldap helpers.\n\nUsers of Squid should upgrade to this updated package, which contains a backported patch, and is not vulnerable to this issue.", "cvss3": {}, "published": "2005-03-16T00:00:00", "type": "nessus", "title": "RHEL 4 : squid (RHSA-2005:201)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0446"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:squid", "cpe:/o:redhat:enterprise_linux:4"], "id": "REDHAT-RHSA-2005-201.NASL", "href": "https://www.tenable.com/plugins/nessus/17340", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The 
descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:201. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(17340);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2005-0446\");\n script_xref(name:\"RHSA\", value:\"2005:201\");\n\n script_name(english:\"RHEL 4 : squid (RHSA-2005:201)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated squid package that fixes a denial of service issue is now\navailable for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nSquid is a full-featured Web proxy cache.\n\nA bug was found in the way Squid handles fully qualified domain name\n(FQDN) lookups. A malicious DNS server could crash Squid by sending a\ncarefully crafted DNS response to an FQDN lookup. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the\nname CVE-2005-0446 to this issue.\n\nThis erratum also includes two minor patches to the LDAP helpers. One\ncorrects a slight malformation in ldap search requests (although all\nknown LDAP servers accept the requests). 
The other adds documentation\nfor the -v option to the ldap helpers.\n\nUsers of Squid should upgrade to this updated package, which contains\na backported patch, and is not vulnerable to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-0446\"\n );\n # http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE8-dns_assert\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bacf8ab4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2005:201\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected squid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/05/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/03/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2005:201\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"squid-2.5.STABLE6-3.4E.5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if 
(tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:37:35", "description": "The squid developers discovered that a remote attacker could cause squid to crash via certain DNS responses.\n\nThe updated packages are patched to fix the problem.", "cvss3": {}, "published": "2005-02-25T00:00:00", "type": "nessus", "title": "Mandrake Linux Security Advisory : squid (MDKSA-2005:047)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0446"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:squid", "cpe:/o:mandrakesoft:mandrake_linux:10.0", "cpe:/o:mandrakesoft:mandrake_linux:10.1", "cpe:/o:mandrakesoft:mandrake_linux:9.2"], "id": "MANDRAKE_MDKSA-2005-047.NASL", "href": "https://www.tenable.com/plugins/nessus/17216", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2005:047. 
\n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(17216);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-0446\");\n script_xref(name:\"MDKSA\", value:\"2005:047\");\n\n script_name(english:\"Mandrake Linux Security Advisory : squid (MDKSA-2005:047)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Mandrake Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The squid developers discovered that a remote attacker could cause\nsquid to crash via certain DNS responses.\n\nThe updated packages are patched to fix the problem.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected squid package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/02/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/02/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", 
\"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.0\", reference:\"squid-2.5.STABLE4-2.5.100mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.1\", reference:\"squid-2.5.STABLE6-2.4.101mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK9.2\", reference:\"squid-2.5.STABLE3-3.7.92mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:44:51", "description": "This update fixes CVE-2005-0446 Squid DoS from bad DNS response\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2005-09-12T00:00:00", "type": "nessus", "title": "Fedora Core 2 : squid-2.5.STABLE8-1.FC2.1 (2005-153)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0446"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:squid", "p-cpe:/a:fedoraproject:fedora:squid-debuginfo", "cpe:/o:fedoraproject:fedora_core:2"], "id": "FEDORA_2005-153.NASL", "href": "https://www.tenable.com/plugins/nessus/19614", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2005-153.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(19614);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2005-0446\");\n script_xref(name:\"FEDORA\", value:\"2005-153\");\n\n script_name(english:\"Fedora Core 2 : squid-2.5.STABLE8-1.FC2.1 (2005-153)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes CVE-2005-0446 Squid DoS from bad DNS response\n\nNote that Tenable 
Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2005-February/000713.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dc94cedc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid and / or squid-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/09/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = 
os_ver[1];\nif (! ereg(pattern:\"^2([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 2.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC2\", reference:\"squid-2.5.STABLE8-1.FC2.1\")) flag++;\nif (rpm_check(release:\"FC2\", reference:\"squid-debuginfo-2.5.STABLE8-1.FC2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:45:12", "description": "This update fixes CVE-2005-0446 Squid DoS from bad DNS response\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2005-09-12T00:00:00", "type": "nessus", "title": "Fedora Core 3 : squid-2.5.STABLE8-1.FC3.1 (2005-154)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0446"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:squid", "p-cpe:/a:fedoraproject:fedora:squid-debuginfo", "cpe:/o:fedoraproject:fedora_core:3"], "id": "FEDORA_2005-154.NASL", "href": "https://www.tenable.com/plugins/nessus/19615", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2005-154.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(19615);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2005-0446\");\n script_xref(name:\"FEDORA\", value:\"2005-154\");\n\n script_name(english:\"Fedora Core 3 : squid-2.5.STABLE8-1.FC3.1 (2005-154)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora Core host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes CVE-2005-0446 Squid DoS from bad DNS response\n\nNote that Tenable 
Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/announce/2005-February/000714.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d9497b9c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squid and / or squid-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squid-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora_core:3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/09/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = 
os_ver[1];\nif (! ereg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 3.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC3\", reference:\"squid-2.5.STABLE8-1.FC3.1\")) flag++;\nif (rpm_check(release:\"FC3\", reference:\"squid-debuginfo-2.5.STABLE8-1.FC3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-debuginfo\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:38:55", "description": "The remote host is missing the patch for the advisory SUSE-SA:2005:008 (squid).\n\n\nSquid is an Open Source web proxy.\n\nA remote attacker was potentially able to crash the Squid web proxy if the log_fqdn option was set to 'on' and the DNS replies were manipulated.\n\nThis is tracked by the Mitre CVE ID CVE-2005-0446.\n\nThis update also fixes a defect in the last security update patch (CVE-2005-0241).", "cvss3": {}, "published": "2005-02-23T00:00:00", "type": "nessus", "title": "SUSE-SA:2005:008: squid", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, 
"obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0241", "CVE-2005-0446"], "modified": "2021-01-14T00:00:00", "cpe": [], "id": "SUSE_SA_2005_008.NASL", "href": "https://www.tenable.com/plugins/nessus/17198", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# This plugin text was extracted from SuSE Security Advisory SUSE-SA:2005:008\n#\n\n\nif ( ! defined_func(\"bn_random\") ) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif(description)\n{\n script_id(17198);\n script_version(\"1.11\");\n script_cve_id(\"CVE-2005-0446\");\n \n name[\"english\"] = \"SUSE-SA:2005:008: squid\";\n \n script_name(english:name[\"english\"]);\n \n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a vendor-supplied security patch\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is missing the patch for the advisory SUSE-SA:2005:008 (squid).\n\n\nSquid is an Open Source web proxy.\n\nA remote attacker was potentially able to crash the Squid web proxy\nif the log_fqdn option was set to 'on' and the DNS replies were\nmanipulated.\n\nThis is tracked by the Mitre CVE ID CVE-2005-0446.\n\nThis update also fixes a defect in the last security update patch\n(CVE-2005-0241).\" );\n script_set_attribute(attribute:\"solution\", value:\n\"http://www.suse.de/security/advisories/2005_08_squid.html\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n\n\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2005/02/23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n script_end_attributes();\n\n \n summary[\"english\"] = \"Check for the version of the squid package\";\n script_summary(english:summary[\"english\"]);\n \n script_category(ACT_GATHER_INFO);\n \n script_copyright(english:\"This script is Copyright (C) 2005-2021 Tenable Network Security, Inc.\");\n family[\"english\"] = \"SuSE 
Local Security Checks\";\n script_family(english:family[\"english\"]);\n \n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/SuSE/rpm-list\");\n exit(0);\n}\n\ninclude(\"rpm.inc\");\nif ( rpm_check( reference:\"squid-2.5.STABLE1-108\", release:\"SUSE8.2\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"squid-2.5.STABLE3-120\", release:\"SUSE9.0\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"squid-2.5.STABLE5-42.30\", release:\"SUSE9.1\") )\n{\n security_warning(0);\n exit(0);\n}\nif ( rpm_check( reference:\"squid-2.5.STABLE6-6.8\", release:\"SUSE9.2\") )\n{\n security_warning(0);\n exit(0);\n}\nif (rpm_exists(rpm:\"squid-\", release:\"SUSE8.2\")\n || rpm_exists(rpm:\"squid-\", release:\"SUSE9.0\")\n || rpm_exists(rpm:\"squid-\", release:\"SUSE9.1\")\n || rpm_exists(rpm:\"squid-\", release:\"SUSE9.2\") )\n{\n set_kb_item(name:\"CVE-2005-0446\", value:TRUE);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:21:23", "description": "When parsing the configuration file, squid interpreted empty Access Control Lists (ACLs) without defined authentication schemes in a non-obvious way. This could allow remote attackers to bypass intended ACLs. (CAN-2005-0194)\n\nA remote Denial of Service vulnerability was discovered in the domain name resolution code. A faulty or malicious DNS server could stop the Squid server immediately by sending a malformed IP address.\n(CAN-2005-0446).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2006-01-15T00:00:00", "type": "nessus", "title": "Ubuntu 4.10 : squid vulnerabilities (USN-84-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0194", "CVE-2005-0446"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:squid", "p-cpe:/a:canonical:ubuntu_linux:squid-cgi", "p-cpe:/a:canonical:ubuntu_linux:squid-common", "p-cpe:/a:canonical:ubuntu_linux:squidclient", "cpe:/o:canonical:ubuntu_linux:4.10"], "id": "UBUNTU_USN-84-1.NASL", "href": "https://www.tenable.com/plugins/nessus/20709", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-84-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(20709);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2005-0194\", \"CVE-2005-0446\");\n script_xref(name:\"USN\", value:\"84-1\");\n\n script_name(english:\"Ubuntu 4.10 : squid vulnerabilities (USN-84-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"When parsing the configuration file, squid interpreted empty Access\nControl Lists (ACLs) without defined authentication schemes in a\nnon-obvious way. This could allow remote attackers to bypass intended\nACLs. (CAN-2005-0194)\n\nA remote Denial of Service vulnerability was discovered in the domain\nname resolution code. A faulty or malicious DNS server could stop the\nSquid server immediately by sending a malformed IP address.\n(CAN-2005-0446).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:squid-cgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:squid-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:squidclient\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:4.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(4\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 4.10\", \"Ubuntu \" + release);\nif ( ! 
get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"4.10\", pkgname:\"squid\", pkgver:\"2.5.5-6ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"squid-cgi\", pkgver:\"2.5.5-6ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"squid-common\", pkgver:\"2.5.5-6ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"4.10\", pkgname:\"squidclient\", pkgver:\"2.5.5-6ubuntu0.5\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squid / squid-cgi / squid-common / squidclient\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:40:54", "description": "An updated dhcp package that fixes a string format issue is now available for Red Hat Enterprise Linux 2.1.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe dhcp package provides the ISC Dynamic Host Configuration Protocol (DHCP) server and relay agent, dhcpd. DHCP is a protocol that allows devices to get their own network configuration information from a server.\n\nA bug was found in the way dhcpd logs error messages. A malicious DNS server could send a carefully crafted DNS reply and cause dhcpd to crash or possibly execute arbitrary code. 
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0446 to this issue. [Editor's note: the plugin's own script_cve_id and see_also reference for this advisory name CVE-2004-1006, not CVE-2005-0446; confirm the identifier against RHSA-2005:212 before triaging this dhcp finding under the Squid CVE.]\n\nAll users of dhcp should upgrade to this updated package, which contains a backported patch and is not vulnerable to this issue.", "cvss3": {}, "published": "2005-04-12T00:00:00", "type": "nessus", "title": "RHEL 2.1 : dhcp (RHSA-2005:212)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2004-1006", "CVE-2005-0446"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:dhcp", "cpe:/o:redhat:enterprise_linux:2.1"], "id": "REDHAT-RHSA-2005-212.NASL", "href": "https://www.tenable.com/plugins/nessus/18018", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:212. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(18018);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2004-1006\");\n script_xref(name:\"RHSA\", value:\"2005:212\");\n\n script_name(english:\"RHEL 2.1 : dhcp (RHSA-2005:212)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated dhcp package that fixes a string format issue is now\navailable for Red Hat Enterprise Linux 2.1.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe dhcp package provides the ISC Dynamic Host Configuration Protocol\n(DHCP) server and relay agent, dhcpd. DHCP is a protocol that allows\ndevices to get their own network configuration information from a\nserver.\n\nA bug was found in the way dhcpd logs error messages. A malicious DNS\nserver could send a carefully crafted DNS reply and cause dhcpd to\ncrash or possibly execute arbitrary code. 
The Common Vulnerabilities\nand Exposures project (cve.mitre.org) has assigned the name\nCVE-2005-0446 to this issue.\n\nAll users of dhcp should upgrade to this updated package, which\ncontains a backported patch and is not vulnerable to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-1006\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2005:212\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected dhcp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dhcp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/03/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/04/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/04/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^2\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i386\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2005:212\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"dhcp-2.0pl5-9\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n 
);\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dhcp\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T14:43:38", "description": "The Squid team reported several denial-of-service vulnerabilities related to the handling of DNS responses and NT Lan Manager messages.\nThese may allow an attacker to crash the Squid cache.", "cvss3": {}, "published": "2005-07-13T00:00:00", "type": "nessus", "title": "FreeBSD : squid -- denial-of-service vulnerabilities (5bf1a715-cc57-440f-b0a5-6406961c54a7)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0096", "CVE-2005-0097", "CVE-2005-0446"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:squid", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_5BF1A715CC57440FB0A56406961C54A7.NASL", "href": "https://www.tenable.com/plugins/nessus/18947", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. 
Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(18947);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2005-0096\", \"CVE-2005-0097\", \"CVE-2005-0446\");\n\n script_name(english:\"FreeBSD : squid -- denial-of-service vulnerabilities (5bf1a715-cc57-440f-b0a5-6406961c54a7)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n 
value:\n\"The Squid team reported several denial-of-service vulnerabilities\nrelated to the handling of DNS responses and NT Lan Manager messages.\nThese may allow an attacker to crash the Squid cache.\"\n );\n # http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE8-dns_assert\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bacf8ab4\"\n );\n # http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?af6b5d37\"\n );\n # https://vuxml.freebsd.org/freebsd/5bf1a715-cc57-440f-b0a5-6406961c54a7.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f3a4ff2c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:squid\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"squid<2.5.9\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "osv": [{"lastseen": "2022-07-21T08:21:30", "description": "\nUpstream developers have discovered several problems in squid, the\nInternet object cache, the popular WWW proxy cache. 
A remote attacker\ncan cause squid to crash via certain DNS responses.\n\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 2.4.6-2woody7.\n\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 2.5.8-3.\n\n\nWe recommend that you upgrade your squid package.\n\n\n", "edition": 1, "cvss3": {}, "published": "2005-02-23T00:00:00", "type": "osv", "title": "squid - missing input sanitising", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0446"], "modified": "2022-07-21T05:51:17", "id": "OSV:DSA-688-1", "href": "https://osv.dev/vulnerability/DSA-688-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2022-03-23T11:36:00", "description": "Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure.", "cvss3": {}, "published": "2005-05-02T04:00:00", "type": "cve", "title": "CVE-2005-0446", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": 
"NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0446"], "modified": "2017-10-11T01:29:00", "cpe": ["cpe:/a:squid:squid:2.1.patch2", "cpe:/a:squid:squid:2.5_stable4", "cpe:/a:squid:squid:2.3.devel2", "cpe:/a:squid:squid:2.5.stable4", "cpe:/a:squid:squid:2.5.6", "cpe:/a:squid:squid:2.5_stable3", "cpe:/a:squid:squid:2.3.devel3", "cpe:/a:squid:squid:2.4_.stable6", "cpe:/a:squid:squid:2.4.stable4", "cpe:/a:squid:squid:2.3_stable5", "cpe:/a:squid:squid:2.0.patch1", "cpe:/a:squid:squid:2.5_.stable6", "cpe:/a:squid:squid:2.1.patch1", "cpe:/a:squid:squid:2.2.stable3", "cpe:/a:squid:squid:2.3.stable4", "cpe:/a:squid:squid:2.5_.stable1", "cpe:/a:squid:squid:2.4_.stable7", "cpe:/a:squid:squid:2.5.stable6", "cpe:/a:squid:squid:2.5.stable5", "cpe:/a:squid:squid:2.4_stable7", "cpe:/a:squid:squid:2.2.stable4", "cpe:/a:squid:squid:2.5.stable8", "cpe:/a:squid:squid:2.1_patch2", "cpe:/a:squid:squid:2.2.devel3", "cpe:/a:squid:squid:2.4.stable1", "cpe:/a:squid:squid:2.4.stable6", "cpe:/a:squid:squid:2.1.pre4", "cpe:/a:squid:squid:2.0.patch2", "cpe:/a:squid:squid:2.2.devel4", "cpe:/a:squid:squid:2.2.stable5", "cpe:/a:squid:squid:2.3.stable1", "cpe:/a:squid:squid:2.0.release", "cpe:/a:squid:squid:2.5_.stable4", "cpe:/a:squid:squid:2.3.stable5", "cpe:/a:squid:squid:2.2.pre1", "cpe:/a:squid:squid:2.3.stable3", "cpe:/a:squid:squid:2.3_.stable5", "cpe:/a:squid:squid:2.2.stable1", "cpe:/a:squid:squid:2.5.stable3", "cpe:/a:squid:squid:2.4_.stable2", "cpe:/a:squid:squid:2.5.stable2", "cpe:/a:squid:squid:2.4.stable3", "cpe:/a:squid:squid:2.2.pre2", "cpe:/a:squid:squid:2.4.stable7", "cpe:/a:squid:squid:2.5_.stable5", "cpe:/a:squid:squid:2.5_stable9", "cpe:/a:squid:squid:2.3.stable2", "cpe:/a:squid:squid:2.4.stable2", "cpe:/a:squid:squid:2.4", "cpe:/a:squid:squid:2.1.pre1", "cpe:/a:squid:squid:2.5.stable1", "cpe:/a:squid:squid:2.0.pre1", "cpe:/a:squid:squid:2.2.stable2", "cpe:/a:squid:squid:2.0_patch2", 
"cpe:/a:squid:squid:2.3_.stable4", "cpe:/a:squid:squid:2.5.stable7", "cpe:/a:squid:squid:2.5_.stable3", "cpe:/a:squid:squid:2.1.pre3", "cpe:/a:squid:squid:2.1.release"], "id": "CVE-2005-0446", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0446", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:squid:squid:2.4_.stable6:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.4.stable7:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.5_.stable4:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.5.stable8:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.2.devel3:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.5.stable7:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.4:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.2.devel4:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.3_.stable5:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.3.stable1:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.2.stable4:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.4_stable7:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.1.pre1:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.4.stable3:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.3_stable5:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.0.release:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.3.stable5:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.1_patch2:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.4.stable1:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.2.pre1:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.2.stable2:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.0_patch2:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.0.patch2:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.3.stable4:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.3.devel3:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.5_stable3:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.5_.stable5:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.1.pre4:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.0.patch1:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.4_.stable7:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.1.patch2:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.5.stable6:*:*:*:*:*:*:*", 
"cpe:2.3:a:squid:squid:2.5_stable4:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.5_stable9:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.3.stable3:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.5_.stable3:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.0.pre1:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.5.stable1:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.2.stable1:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.1.release:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.1.pre3:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.5.stable4:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.4_.stable2:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.4.stable2:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.2.stable3:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.5.stable3:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.4.stable4:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.5_.stable1:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.3.stable2:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.2.stable5:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.5_.stable6:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.3.devel2:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.4.stable6:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.3_.stable4:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.5.stable5:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.2.pre2:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.1.patch1:*:*:*:*:*:*:*", "cpe:2.3:a:squid:squid:2.5.stable2:*:*:*:*:*:*:*"]}], "ubuntucve": [{"lastseen": "2022-08-04T14:49:09", "description": "Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of\nservice (crash) via certain DNS responses regarding (1) Fully Qualified\nDomain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which\ntrigger an assertion failure.", "cvss3": {}, "published": "2005-05-02T00:00:00", "type": "ubuntucve", "title": "CVE-2005-0446", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", 
"availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0446"], "modified": "2005-05-02T00:00:00", "id": "UB:CVE-2005-0446", "href": "https://ubuntu.com/security/CVE-2005-0446", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2022-01-17T19:19:32", "description": "### Background\n\nSquid is a full-featured Web proxy cache designed to run on Unix-like systems. It supports proxying and caching of HTTP, FTP, and other protocols, as well as SSL support, cache hierarchies, transparent caching, access control lists and many other features. \n\n### Description\n\nHandling of certain DNS responses trigger assertion failures. \n\n### Impact\n\nBy returning a specially crafted DNS response an attacker could cause Squid to crash by triggering an assertion failure. \n\n### Workaround\n\nThere is no known workaround at this time. 
\n\n### Resolution\n\nAll Squid users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-proxy/squid-2.5.8\"", "cvss3": {}, "published": "2005-02-18T00:00:00", "type": "gentoo", "title": "Squid: Denial of Service through DNS responses", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0446"], "modified": "2005-02-18T00:00:00", "id": "GLSA-200502-25", "href": "https://security.gentoo.org/glsa/200502-25", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "centos": [{"lastseen": "2023-01-01T03:06:55", "description": "**CentOS Errata and Security Advisory** CESA-2005:212-01\n\n\nThe dhcp package provides the ISC Dynamic Host Configuration Protocol\n(DHCP) server and relay agent, dhcpd. DHCP is a protocol that allows\ndevices to get their own network configuration information from a server.\n\nA bug was found in the way dhcpd logs error messages. A malicious DNS\nserver could send a carefully crafted DNS reply and cause dhcpd to crash or\npossibly execute arbitrary code. The Common Vulnerabilities and Exposures\nproject (cve.mitre.org) has assigned the name CAN-2005-0446 to this issue. 
\n\nAll users of dhcp should upgrade to this updated package, which contains a\nbackported patch and is not vulnerable to this issue.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2005-April/061043.html\n\n**Affected packages:**\ndhcp\n\n", "cvss3": {}, "published": "2005-04-12T23:06:20", "type": "centos", "title": "dhcp security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2004-1006", "CVE-2005-0446"], "modified": "2005-04-12T23:06:20", "id": "CESA-2005:212-01", "href": "https://lists.centos.org/pipermail/centos-announce/2005-April/061043.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T12:08:03", "description": "Squid is an Open Source web proxy. 
A remote attacker was potentially able to crash the Squid web proxy if the log_fqdn option was set to \"on\" and the DNS replies were manipulated.\n#### Solution\nInstall the fixed packages.", "cvss3": {}, "published": "2005-02-22T13:31:16", "type": "suse", "title": "remote denial of service in squid", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2005-0446", "CVE-2005-0241"], "modified": "2005-02-22T13:31:16", "id": "SUSE-SA:2005:008", "href": "http://lists.opensuse.org/opensuse-security-announce/2005-02/msg00019.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "cert": [{"lastseen": "2021-09-28T17:52:37", "description": "### Overview\n\nThe Squid web proxy cache may fail to handle empty Access Control Lists (ACLs) in the intended manner.\n\n### Description\n\nSquid functions as a web proxy and cache application for a number of protocols. However, Squid Access Control List (ACL) routines may not parse an empty list as intended. An empty list may be interpreted as a nonexistent list rather than a list containing no members. This may or may not be the intended behavior. \n \n--- \n \n### Impact\n\nUnintended access may be granted to all members instead of the intended result of access being denied to all members. \n \n--- \n \n### Solution\n\n**Apply an update**\n\nThis flaw has been patched in [Squid 2.5.STABLE8](<http://www.squid-cache.org/Versions/v2/2.5/>). More details are available in the [Squid Bugzilla bug #1166](<http://www.squid-cache.org/bugs/show_bug.cgi?id=1166>). \n \n--- \n \nTeam Squid recommends: \n \n_Pay attention to warnings from \"squid -k parse\" and do not use configurations where there are warnings about access controls in production._ \n \n--- \n \n### Vendor Information\n\n260421\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. 
Click here to view vendors.**\n\n### Squid __ Affected\n\nNotified: December 21, 2004 Updated: February 18, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nThis flaw has been patched in [the current release version, Squid 2.5-STABLE8](<http://www.squid-cache.org/Versions/v2/2.5/>). More details are available in the [Squid Bugzilla bug #1166](<http://www.squid-cache.org/bugs/show_bug.cgi?id=1166>).\n\n[Team Squid](<http://www.squid-cache.org/>) has created a patch for the previous release version of Squid (2.5-STABLE7): [`squid-2.5.STABLE7-empty_acls.patch`](<http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-empty_acls.patch>)\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23260421 Feedback>).\n\n### Ubuntu Linux __ Affected\n\nUpdated: February 21, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\n`=========================================================== \nUbuntu Security Notice USN-84-1 February 21, 2005 \nsquid vulnerabilities \nCAN-2005-0194, CAN-2005-0446 \n=========================================================== \n \nA security issue affects the following Ubuntu releases: \n \nUbuntu 4.10 (Warty Warthog) \n \nThe following packages are affected: \n \nsquid \n \nThe problem can be corrected by upgrading the affected package to \nversion 2.5.5-6ubuntu0.5. In general, a standard system upgrade is \nsufficient to effect the necessary changes. \n \nDetails follow: \n \nWhen parsing the configuration file, squid interpreted empty Access \nControl Lists (ACLs) without defined authentication schemes in a \nnon-obvious way. This could allow remote attackers to bypass intended \nACLs. 
(CAN-2005-0194) \n \nA remote Denial of Service vulnerability was discovered in the domain \nname resolution code. A faulty or malicious DNS server could stop the \nSquid server immediately by sending a malformed IP address. \n(CAN-2005-0446) \n \nSource archives: \n \n``<http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.5.5-6ubuntu0.5.diff.gz>`` \nSize/MD5: 273103 b227505fff84a15f636d1a40ef894a59 \n``<http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.5.5-6ubuntu0.5.dsc>`` \nSize/MD5: 652 03dda2b1794bee143c7bb2c907177dec \n``<http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.5.5.orig.tar.gz>`` \nSize/MD5: 1363967 6c7f3175b5fa04ab5ee68ce752e7b500 \n \nArchitecture independent packages: \n \n``<http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid-common_2.5.5-6ubuntu0.5_all.deb>`` \nSize/MD5: 190542 18ac376117476528d04ecf34c39605c5 \n \namd64 architecture (Athlon64, Opteron, EM64T Xeon) \n \n``<http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.5.5-6ubuntu0.5_amd64.deb>`` \nSize/MD5: 89972 6c0d1ca2955e65c617a0ffb9835fb7d0 \n``<http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.5.5-6ubuntu0.5_amd64.deb>`` \nSize/MD5: 812832 c4ae1fa8c10241c975be5a5ae713d259 \n``<http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squidclient_2.5.5-6ubuntu0.5_amd64.deb>`` \nSize/MD5: 71320 6426cdd50abe26ff32430f10384f98b6 \n \ni386 architecture (x86 compatible Intel/AMD) \n \n``<http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.5.5-6ubuntu0.5_i386.deb>`` \nSize/MD5: 88484 048eee3bff6f8c1c2a27c422d8d02878 \n``<http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.5.5-6ubuntu0.5_i386.deb>`` \nSize/MD5: 728800 86015fa3f0e70ca114d50600779a5218 \n``<http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squidclient_2.5.5-6ubuntu0.5_i386.deb>`` \nSize/MD5: 70052 fa490312c320b567d0a2ab9aa86516a9 \n \npowerpc architecture (Apple Macintosh G3/G4/G5) \n 
\n``<http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.5.5-6ubuntu0.5_powerpc.deb>`` \nSize/MD5: 89398 69752585a510d3e5fd35f3855d316354 \n``<http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.5.5-6ubuntu0.5_powerpc.deb>`` \nSize/MD5: 796142 ce07df2197a74e4da2325e39e153b38a \n``<http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squidclient_2.5.5-6ubuntu0.5_powerpc.deb>`` \nSize/MD5: 70814 1074527b3d8dc744aa1b128713c902ba`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nUS-CERT has no additional comments at this time.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23260421 Feedback>).\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | 0 | AV:--/AC:--/Au:--/C:--/I:--/A:-- \nTemporal | 0 | E:ND/RL:ND/RC:ND \nEnvironmental | 0 | CDP:ND/TD:M/CR:ND/IR:ND/AR:ND \n \n \n\n\n### References\n\n * [www.squid-cache.org/bugs/show_bug.cgi?id=1166 ](<www.squid-cache.org/bugs/show_bug.cgi?id=1166 >)\n * [www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-empty_acls ](<www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-empty_acls >)\n * [www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-empty_acls.patch ](<www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-empty_acls.patch >)\n * <http://www.debian.org/security/2005/dsa-667>\n * <http://secunia.com/advisories/14157/>\n * <http://secunia.com/advisories/14343/>\n\n### Acknowledgements\n\nThanks to Team Squid for reporting this vulnerability.\n\nThis document was written by Ken MacInnis.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2005-0194](<http://web.nvd.nist.gov/vuln/detail/CVE-2005-0194>) \n---|--- \n**Severity Metric:** | 0.27 \n**Date Public:** | 2004-12-21 \n**Date First Published:** | 2005-02-21 \n**Date Last Updated: ** | 2005-02-22 20:21 UTC 
\n**Document Revision: ** | 8 \n", "cvss3": {}, "published": "2005-02-21T00:00:00", "type": "cert", "title": "Squid fails to parse empty access control lists correctly", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0194", "CVE-2005-0446"], "modified": "2005-02-22T20:21:00", "id": "VU:260421", "href": "https://www.kb.cert.org/vuls/id/260421", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2023-01-26T13:44:58", "description": "## Releases\n\n * Ubuntu 4.10 \n\nWhen parsing the configuration file, squid interpreted empty Access \nControl Lists (ACLs) without defined authentication schemes in a \nnon-obvious way. This could allow remote attackers to bypass intended \nACLs. (CAN-2005-0194)\n\nA remote Denial of Service vulnerability was discovered in the domain \nname resolution code. A faulty or malicious DNS server could stop the \nSquid server immediately by sending a malformed IP address. 
\n(CAN-2005-0446)\n", "cvss3": {}, "published": "2005-02-21T00:00:00", "type": "ubuntu", "title": "Squid vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0194", "CVE-2005-0446"], "modified": "2005-02-21T00:00:00", "id": "USN-84-1", "href": "https://ubuntu.com/security/notices/USN-84-1", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2022-01-19T16:03:50", "description": "\n\nThe Squid team reported several denial-of-service\n\t vulnerabilities related to the handling of DNS responses and\n\t NT Lan Manager messages. 
These may allow an attacker to crash\n\t the Squid cache.\n\n", "cvss3": {}, "published": "2005-01-16T00:00:00", "type": "freebsd", "title": "squid -- denial-of-service vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-0096", "CVE-2005-0097", "CVE-2005-0446"], "modified": "2005-01-16T00:00:00", "id": "5BF1A715-CC57-440F-B0A5-6406961C54A7", "href": "https://vuxml.freebsd.org/freebsd/5bf1a715-cc57-440f-b0a5-6406961c54a7.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}