CVE-2005-0211 - Secunia.com

CVE Reference: CVE-2005-0211
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-0211

Description: Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter.

CVE Status: Candidate

References: SUSE http://www.novell.com/linux/security/advisories/2005_06_squid.html ST 1013045 SAID Secunia Advisory: SA14076 REDHAT http://www.redhat.com/support/errata/RHSA-2005-061.html http://www.redhat.com/support/errata/RHSA-2005-060.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9573 OSVDB 13319 MANDRAKE http://www.mandriva.com/security/advisories?name=MDKSA-2005:034 FEDORA http://fedoranews.org/updates/FEDORA--.shtml DEBIAN http://www.debian.org/security/2005/dsa-667 CONFIRM http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_buffer_overflow.patch http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-wccp_buffer_overflow CERT-VN 886006 BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=110780531820947&w=2 BID 12432

Return to the previous page.

Secunia