CVE-2005-0241 - OpenCVE

The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling "oversized" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Squid	Squid

Configuration 1 [-]

OR	cpe:2.3:a:squid:squid:2.5.stable1:::::::*
	cpe:2.3:a:squid:squid:2.5.stable2:::::::*
	cpe:2.3:a:squid:squid:2.5.stable3:::::::*
	cpe:2.3:a:squid:squid:2.5.stable4:::::::*
	cpe:2.3:a:squid:squid:2.5.stable5:::::::*
	cpe:2.3:a:squid:squid:2.5.stable6:::::::*
	cpe:2.3:a:squid:squid:2.5.stable7:::::::*

References

Link	Resource
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000931	Patch
http://fedoranews.org/updates/FEDORA--.shtml
http://secunia.com/advisories/14091
http://www.kb.cert.org/vuls/id/823350	Patch Third Party Advisory US Government Resource
http://www.novell.com/linux/security/advisories/2005_06_squid.html	Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-060.html	Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-061.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/12412
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-oversize_reply_headers	Patch
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers.patch	Patch
http://www.squid-cache.org/bugs/show_bug.cgi?id=1216	Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/19060
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10998

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: debian

Published: 2005-02-08T05:00:00

Updated: 2017-10-10T00:57:01

Reserved: 2005-02-08T00:00:00

Link: CVE-2005-0241

JSON object: View

NVD Information

Status : Modified

Published: 2005-05-02T04:00:00.000

Modified: 2017-10-11T01:29:54.560

Link: CVE-2005-0241

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-01-31T00:00:00", "descriptions": [{"lang": "en", "value": "The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling \"oversized\" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-10T00:57:01", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian"}, "references": [{"name": "14091", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/14091"}, {"name": "VU#823350", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/823350"}, {"name": "12412", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/12412"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1216"}, {"name": "oval:org.mitre.oval:def:10998", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10998"}, {"name": "FLSA-2006:152809", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://fedoranews.org/updates/FEDORA--.shtml"}, {"name": "RHSA-2005:061", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"}, {"name": "squid-http-cache-poisoning(19060)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19060"}, {"name": "CLA-2005:931", "tags": ["vendor-advisory", "x_refsource_CONECTIVA"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000931"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-oversize_reply_headers"}, {"name": "SUSE-SA:2005:006", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"}, {"name": "RHSA-2005:060", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers.patch"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@debian.org", "ID": "CVE-2005-0241", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling \"oversized\" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "14091", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/14091"}, {"name": "VU#823350", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/823350"}, {"name": "12412", "refsource": "BID", "url": "http://www.securityfocus.com/bid/12412"}, {"name": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1216", "refsource": "CONFIRM", "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1216"}, {"name": "oval:org.mitre.oval:def:10998", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10998"}, {"name": "FLSA-2006:152809", "refsource": "FEDORA", "url": "http://fedoranews.org/updates/FEDORA--.shtml"}, {"name": "RHSA-2005:061", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"}, {"name": "squid-http-cache-poisoning(19060)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19060"}, {"name": "CLA-2005:931", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000931"}, {"name": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-oversize_reply_headers", "refsource": "CONFIRM", "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-oversize_reply_headers"}, {"name": "SUSE-SA:2005:006", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"}, {"name": "RHSA-2005:060", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"}, {"name": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers.patch", "refsource": "CONFIRM", "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers.patch"}]}}}}, "cveMetadata": {"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2005-0241", "datePublished": "2005-02-08T05:00:00", "dateReserved": "2005-02-08T00:00:00", "dateUpdated": "2017-10-10T00:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:squid:squid:2.5.stable1:*:*:*:*:*:*:*", "matchCriteriaId": "7183658C-0CDE-40B1-B203-8C365193724B", "vulnerable": true}, {"criteria": "cpe:2.3:a:squid:squid:2.5.stable2:*:*:*:*:*:*:*", "matchCriteriaId": "E9C73406-9582-40F7-AFD9-7E9D6D94DE39", "vulnerable": true}, {"criteria": "cpe:2.3:a:squid:squid:2.5.stable3:*:*:*:*:*:*:*", "matchCriteriaId": "0EDB690A-E0EF-4B11-83D7-B4A4C6B52DD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:squid:squid:2.5.stable4:*:*:*:*:*:*:*", "matchCriteriaId": "8D3F889C-2A50-4B91-B74D-1D32A2CAFFA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:squid:squid:2.5.stable5:*:*:*:*:*:*:*", "matchCriteriaId": "BCE944B8-B660-4FDB-A3F2-81F908329D88", "vulnerable": true}, {"criteria": "cpe:2.3:a:squid:squid:2.5.stable6:*:*:*:*:*:*:*", "matchCriteriaId": "75436484-5FCD-45D3-9262-63301A2024B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:squid:squid:2.5.stable7:*:*:*:*:*:*:*", "matchCriteriaId": "A8D59FA7-FD38-406A-923F-68297CC4B767", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling \"oversized\" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size."}], "id": "CVE-2005-0241", "lastModified": "2017-10-11T01:29:54.560", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-05-02T04:00:00.000", "references": [{"source": "security@debian.org", "tags": ["Patch"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000931"}, {"source": "security@debian.org", "url": "http://fedoranews.org/updates/FEDORA--.shtml"}, {"source": "security@debian.org", "url": "http://secunia.com/advisories/14091"}, {"source": "security@debian.org", "tags": ["Patch", "Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/823350"}, {"source": "security@debian.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.novell.com/linux/security/advisories/2005_06_squid.html"}, {"source": "security@debian.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2005-060.html"}, {"source": "security@debian.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2005-061.html"}, {"source": "security@debian.org", "url": "http://www.securityfocus.com/bid/12412"}, {"source": "security@debian.org", "tags": ["Patch"], "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-oversize_reply_headers"}, {"source": "security@debian.org", "tags": ["Patch"], "url": "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers.patch"}, {"source": "security@debian.org", "tags": ["Patch"], "url": "http://www.squid-cache.org/bugs/show_bug.cgi?id=1216"}, {"source": "security@debian.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19060"}, {"source": "security@debian.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10998"}], "sourceIdentifier": "security@debian.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}