{ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2005-0095", "STATE" : "PUBLIC" }, "affects" : { "vendor" : { "vendor_data" : [ { "product" : { "product_data" : [ { "product_name" : "n/a", "version" : { "version_data" : [ { "version_value" : "n/a" } ] } } ] }, "vendor_name" : "n/a" } ] } }, "data_format" : "MITRE", "data_type" : "CVE", "data_version" : "4.0", "description" : { "description_data" : [ { "lang" : "eng", "value" : "The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU cache numbers." } ] }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "eng", "value" : "n/a" } ] } ] }, "references" : { "reference_data" : [ { "name" : "http://www.squid-cache.org/Advisories/SQUID-2005_2.txt", "refsource" : "CONFIRM", "url" : "http://www.squid-cache.org/Advisories/SQUID-2005_2.txt" }, { "name" : "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_denial_of_service.patch", "refsource" : "CONFIRM", "url" : "http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_denial_of_service.patch" }, { "name" : "CLA-2005:923", "refsource" : "CONECTIVA", "url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000923" }, { "name" : "DSA-651", "refsource" : "DEBIAN", "url" : "http://www.debian.org/security/2005/dsa-651" }, { "name" : "FLSA-2006:152809", "refsource" : "FEDORA", "url" : "http://fedoranews.org/updates/FEDORA--.shtml" }, { "name" : "GLSA-200501-25", "refsource" : "GENTOO", "url" : "http://security.gentoo.org/glsa/glsa-200501-25.xml" }, { "name" : "MDKSA-2005:014", "refsource" : "MANDRAKE", "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:014" }, { "name" : "RHSA-2005:060", "refsource" : "REDHAT", "url" : "http://www.redhat.com/support/errata/RHSA-2005-060.html" }, { "name" : "RHSA-2005:061", "refsource" : "REDHAT", "url" : "http://www.redhat.com/support/errata/RHSA-2005-061.html" }, { "name" : "SUSE-SA:2005:006", "refsource" : "SUSE", "url" : "http://www.novell.com/linux/security/advisories/2005_06_squid.html" }, { "name" : "2005-0003", "refsource" : "TRUSTIX", "url" : "http://www.trustix.org/errata/2005/0003/" }, { "name" : "12275", "refsource" : "BID", "url" : "http://www.securityfocus.com/bid/12275" }, { "name" : "12886", "refsource" : "OSVDB", "url" : "http://www.osvdb.org/12886" }, { "name" : "oval:org.mitre.oval:def:10269", "refsource" : "OVAL", "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10269" }, { "name" : "1012882", "refsource" : "SECTRACK", "url" : "http://securitytracker.com/id?1012882" }, { "name" : "13825", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/13825" } ] } }