Squid Input Validation Error in Processing WCCP Messages Lets Remote Users Crash Squid
SecurityTracker Alert ID: 1012882
SecurityTracker URL: http://securitytracker.com/id/1012882
CVE Reference: CVE-2005-0095
Updated: Jan 19 2005
Original Entry Date: Jan 13 2005
Impact: Denial of service via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 2.5

Description:
A denial of service vulnerability was reported in Squid in the processing of WCCP messages. A remote user can cause Squid to crash.
The vendor reported that a remote user can send a specially crafted WCCP_I_SEE_YOU packet with the 'number of caches' field set to a value outside of the 1 - 32 range and with a spoofed address. If WCCP is enabled on the target system (which is not the default setting), Squid may crash.
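
The kind of bounds check this class of bug calls for, as an added example (not Squid's code and not the vendor patch): the count is validated against the 1 - 32 range and against the received length before anything indexes by it. The header layout, offsets, entry size and all names are assumptions made for illustration; only the 1 - 32 range comes from the advisory.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Assumed layout, simplified for illustration (not taken from Squid's source):
 * five 32-bit big-endian header words, the fifth being 'number of caches',
 * followed by one fixed-size entry per cache. */
#define ISY_HDR_BYTES   20u
#define ISY_COUNT_OFF   16u
#define ISY_ENTRY_BYTES 44u  /* hypothetical entry size */
#define ISY_MAX_CACHES  32u  /* upper end of the advisory's 1 - 32 range */
enum { ISY_OK = 0, ISY_TRUNCATED = -1, ISY_BAD_COUNT = -2 };

static uint32_t be32(const uint8_t *p)  /* big-endian decode, no alignment needs */
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Validate a received message before any code loops or indexes by the count. */
int isy_validate(const uint8_t *pkt, size_t len, uint32_t *count)
{
    if (pkt == NULL || count == NULL || len < ISY_HDR_BYTES)
        return ISY_TRUNCATED;
    /* Unsigned read: a would-be-negative value fails the upper bound. */
    uint32_t n = be32(pkt + ISY_COUNT_OFF);
    if (n < 1 || n > ISY_MAX_CACHES)
        return ISY_BAD_COUNT;
    if (len - ISY_HDR_BYTES < (size_t)n * ISY_ENTRY_BYTES)  /* must carry n entries */
        return ISY_TRUNCATED;
    *count = n;
    return ISY_OK;
}

/* Constructed sample: a zeroed buffer with only the count field set. */
int isy_check_sample(uint32_t count_field, size_t len)
{
    uint8_t buf[ISY_HDR_BYTES + ISY_MAX_CACHES * ISY_ENTRY_BYTES] = {0};
    uint32_t n = 0;
    buf[16] = (uint8_t)(count_field >> 24); buf[17] = (uint8_t)(count_field >> 16);
    buf[18] = (uint8_t)(count_field >> 8);  buf[19] = (uint8_t)count_field;
    return isy_validate(buf, len > sizeof buf ? sizeof buf : len, &n);
}

int main(void)
{
    printf("%d %d\n", isy_check_sample(2, 108), isy_check_sample(33, 1428));
    return 0;
}
```

A length check alone is not enough here: a full-size datagram with an out-of-range count passes it, which is why the range test comes first.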

Impact:
A remote user can cause Squid to crash.

Solution:
A patch (squid-2.5.STABLE7-wccp_denial_of_service.patch) is available at:
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_denial_of_service.patch

Vendor URL: www.squid-cache.org/

Cause: Boundary error

Underlying OS: Linux (Any), UNIX (Any)