CVE-2005-0097

Published: Jan 11, 2005Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference.

Affected (27)

Products: Squid: Squid

1 product

Configuration A

27 vulnerable

Vulnerable Software	Affected Versions
Squid Squid	Version 2.0_patch2
Squid Squid	Version 2.1_patch2
Squid Squid	Version 2.3_.stable4
Squid Squid	Version 2.3_.stable5
Squid Squid	Version 2.3_stable5
Squid Squid	Version 2.4
Squid Squid	Version 2.4_.stable2
Squid Squid	Version 2.4_.stable6
Squid Squid	Version 2.4_.stable7
Squid Squid	Version 2.4_stable7
Squid Squid	Version 2.5.6
Squid Squid	Version 2.5.stable1
Squid Squid	Version 2.5.stable2
Squid Squid	Version 2.5.stable3
Squid Squid	Version 2.5.stable4
Squid Squid	Version 2.5.stable5
Squid Squid	Version 2.5.stable6
Squid Squid	Version 2.5.stable7
Squid Squid	Version 2.5_.stable1
Squid Squid	Version 2.5_.stable3
Squid Squid	Version 2.5_.stable4
Squid Squid	Version 2.5_.stable5
Squid Squid	Version 2.5_.stable6
Squid Squid	Version 2.5_stable3
Squid Squid	Version 2.5_stable4
Squid Squid	Version 2.5_stable9
Squid Squid	Version 2.6.stable1

References (22)

http://fedoranews.org/updates/FEDORA--.shtml

Source: cve@mitre.org

http://secunia.com/advisories/13789

Source: cve@mitre.org

PatchVendor Advisory

http://security.gentoo.org/glsa/glsa-200501-25.xml

Source: cve@mitre.org

PatchVendor Advisory

http://securitytracker.com/id?1012818

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2005_06_squid.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-060.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-061.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/12220

Source: cve@mitre.org

http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth

Source: cve@mitre.org

PatchVendor Advisory

http://www.trustix.org/errata/2005/0003/

Source: cve@mitre.org

PatchVendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11646

Source: cve@mitre.org

http://fedoranews.org/updates/FEDORA--.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/13789

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://security.gentoo.org/glsa/glsa-200501-25.xml

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://securitytracker.com/id?1012818

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/linux/security/advisories/2005_06_squid.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-060.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2005-061.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/12220

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.trustix.org/errata/2005/0003/

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11646

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.