CVE-2005-2796

Related Files

SCOSA-2005.44.txt

Posted Nov 3, 2005

Authored by SCO | Site sco.com

SCO Security Advisory - store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING. The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests. Squid versions 2.5.STABLE10 and below, while performing NTLM authentication, do not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).

tags | advisory, remote, denial of service

advisories | CVE-2005-2794, CVE-2005-2796, CVE-2005-2917, CVE-2005-3258

SHA-256 | f0587c8f5d8323fec288e1f850d67e518ab135abbba7b94636cf8b47c40315bc

Download | Favorite | View

SUSE-SA-2005-053.txt

Posted Sep 20, 2005

Site suse.com

SUSE Security Announcement - Squid web-proxy suffers from two remotely exploitable denial of service vulnerabilities

tags | advisory, web, denial of service, vulnerability

systems | linux, suse

advisories | CVE-2005-2794, CVE-2005-2796

SHA-256 | ffc33cd2b43d2cecb24ae8a320b2ad4b1318a49d6124ca983dacdafe8c59d8e5

Download | Favorite | View

OpenPKG Security Advisory 2005.21

Posted Sep 13, 2005

Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory - Two Denial of Service (DoS) security issues were discovered in the Squid Internet proxy. The first DoS is possible via certain aborted requests that trigger an assertion error related to STORE_PENDING. The second problem allows remote attackers to cause a DoS via certain crafted requests and SSL timeouts.

tags | advisory, remote, denial of service

advisories | CVE-2005-2794, CVE-2005-2796

SHA-256 | 9aa6ddde476351397a610959fb00e7aa8306c87d1b4dddf671da4b510c0c68df

Download | Favorite | View