CVE-2005-0211 : Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attacker

Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter.

Published 2005-05-02 04:00:00

Updated 2018-10-12 18:28:30

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute codeDenial of service

Products affected by CVE-2005-0211

Debian » Debian Linux » Version: 3.0
cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
Matching versions
Squid-cache » Squid » Version: 2.5.stable1
cpe:2.3:a:squid-cache:squid:2.5.stable1:*:*:*:*:*:*:*
Matching versions
Squid-cache » Squid » Version: 2.5.stable6
cpe:2.3:a:squid-cache:squid:2.5.stable6:*:*:*:*:*:*:*
Matching versions
Squid-cache » Squid » Version: 2.5.stable3
cpe:2.3:a:squid-cache:squid:2.5.stable3:*:*:*:*:*:*:*
Matching versions
Squid-cache » Squid » Version: 2.5.stable5
cpe:2.3:a:squid-cache:squid:2.5.stable5:*:*:*:*:*:*:*
Matching versions
Squid-cache » Squid » Version: 2.5.stable2
cpe:2.3:a:squid-cache:squid:2.5.stable2:*:*:*:*:*:*:*
Matching versions
Squid-cache » Squid » Version: 2.5.stable4
cpe:2.3:a:squid-cache:squid:2.5.stable4:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2005-0211

Top countries where our scanners detected CVE-2005-0211

Top open port discovered on systems with this issue 3128

IPs affected by CVE-2005-0211 130

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2005-0211!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2005-0211

EPSS FAQ

45.24%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 97 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2005-0211

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2005-0211

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2005-0211

http://www.securityfocus.com/bid/12432

Third Party Advisory;VDB Entry
http://securitytracker.com/id?1013045

GoDaddy Domain Name Search
Third Party Advisory;VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9573

404 Not Found
Third Party Advisory
http://www.kb.cert.org/vuls/id/886006

VU#886006 - Squid vulnerable to buffer overflow via an overly long WCCP message
Patch;Third Party Advisory;US Government Resource
http://www.debian.org/security/2005/dsa-667

[SECURITY] [DSA 667-1] New PostgreSQL packages fix arbitrary library loading
Patch;Third Party Advisory

CVEs referencing this url
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-wccp_buffer_overflow

Squid-2.5 Patches
Patch;Vendor Advisory
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_buffer_overflow.patch

Patch;Vendor Advisory
http://marc.info/?l=bugtraq&m=110780531820947&w=2

'[USN-77-1] Squid vulnerabilities' - MARC
Third Party Advisory

CVEs referencing this url