CVE-2005-2917

Related Files

SCOSA-2005.44.txt

Posted Nov 3, 2005

Authored by SCO | Site sco.com

SCO Security Advisory - store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING. The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests. Squid versions 2.5.STABLE10 and below, while performing NTLM authentication, do not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).

tags | advisory, remote, denial of service

advisories | CVE-2005-2794, CVE-2005-2796, CVE-2005-2917, CVE-2005-3258

SHA-256 | f0587c8f5d8323fec288e1f850d67e518ab135abbba7b94636cf8b47c40315bc

Download | Favorite | View

usn-192-1.txt

Posted Oct 4, 2005

Authored by Martin Pitt | Site security.ubuntu.com

Ubuntu Security Notice USN-192-1 - Mike Diggins discovered a remote Denial of Service vulnerability in Squid. Sending specially crafted NTML authentication requests to Squid caused the server to crash.

tags | advisory, remote, denial of service

systems | linux, ubuntu

advisories | CVE-2005-2917

SHA-256 | 6351468586402308f11c910517aa06ab3eea37233a1683741efe82c0e6114fb0

Download | Favorite | View

Debian Linux Security Advisory 828-1

Posted Oct 4, 2005

Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 828-1 - Upstream developers of squid, the popular WWW proxy cache, have discovered that changes in the authentication scheme are not handled properly when given certain request sequences while NTLM authentication is in place, which may cause the daemon to restart.

tags | advisory

systems | linux, debian

advisories | CVE-2005-2917

SHA-256 | 7ef499a1227798c1d997c07bd6e5bc0392caa2dab911610da22c6d17215aaa8e

Download | Favorite | View