CVE-2005-1519

Published: May 11, 2005Modified: Apr 16, 2026

6.4

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:P

Exploitability: 10.0 / Impact: 4.9

Source: NVD

Description

Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups.

Affected (1)

Products: Squid: Squid

Squid

1 product

Squid

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Squid Squid	Up to 2.5_stable9

References (18)

http://fedoranews.org/updates/FEDORA--.shtml

Source: secalert@redhat.com

http://secunia.com/advisories/15294

Source: secalert@redhat.com

Patch

http://www.debian.org/security/2005/dsa-751

Source: secalert@redhat.com

http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2005-489.html

Source: secalert@redhat.com

http://www.securityfocus.com/bid/13592

Source: secalert@redhat.com

http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-dns_query

Source: secalert@redhat.com

Patch

http://www.vupen.com/english/advisories/2005/0521

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9976

Source: secalert@redhat.com

http://fedoranews.org/updates/FEDORA--.shtml