CVE-2005-0094

Published: Jan 15, 2005Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses.

Affected (27)

Products: Squid: Squid

1 product

Configuration A

27 vulnerable

Vulnerable Software	Affected Versions
Squid Squid	Version 2.0_patch2
Squid Squid	Version 2.1_patch2
Squid Squid	Version 2.3_.stable4
Squid Squid	Version 2.3_.stable5
Squid Squid	Version 2.3_stable5
Squid Squid	Version 2.4
Squid Squid	Version 2.4_.stable2
Squid Squid	Version 2.4_.stable6
Squid Squid	Version 2.4_.stable7
Squid Squid	Version 2.4_stable7
Squid Squid	Version 2.5.6
Squid Squid	Version 2.5.stable1
Squid Squid	Version 2.5.stable2
Squid Squid	Version 2.5.stable3
Squid Squid	Version 2.5.stable4
Squid Squid	Version 2.5.stable5
Squid Squid	Version 2.5.stable6
Squid Squid	Version 2.5.stable7
Squid Squid	Version 2.5_.stable1
Squid Squid	Version 2.5_.stable3
Squid Squid	Version 2.5_.stable4
Squid Squid	Version 2.5_.stable5
Squid Squid	Version 2.5_.stable6
Squid Squid	Version 2.5_stable3
Squid Squid	Version 2.5_stable4
Squid Squid	Version 2.5_stable9
Squid Squid	Version 2.6.stable1

References (28)

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000923

Source: cve@mitre.org

Vendor Advisory

http://fedoranews.org/updates/FEDORA--.shtml

Source: cve@mitre.org

http://secunia.com/advisories/13825

Source: cve@mitre.org

PatchVendor Advisory

http://security.gentoo.org/glsa/glsa-200501-25.xml

Source: cve@mitre.org

PatchVendor Advisory

http://www.debian.org/security/2005/dsa-651

Source: cve@mitre.org

PatchVendor Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2005:014

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2005_06_squid.html

Source: cve@mitre.org

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-060.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-061.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/12276

Source: cve@mitre.org

http://www.squid-cache.org/Advisories/SQUID-2005_1.txt

Source: cve@mitre.org

ExploitVendor Advisory

http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-gopher_html_parsing.patch

Source: cve@mitre.org

Vendor Advisory

http://www.trustix.org/errata/2005/0003/

Source: cve@mitre.org

Vendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11146

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000923

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://fedoranews.org/updates/FEDORA--.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/13825

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://security.gentoo.org/glsa/glsa-200501-25.xml

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.debian.org/security/2005/dsa-651

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2005:014

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/linux/security/advisories/2005_06_squid.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-060.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-061.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/12276

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.squid-cache.org/Advisories/SQUID-2005_1.txt

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-gopher_html_parsing.patch

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.trustix.org/errata/2005/0003/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11146

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.