FreeBSD Ports: Squid Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://www.squid-cache.org/Advisories/SQUID-2005_3.txt http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-wccp_buffer_overflow http://www.squid-cache.org/bugs/show_bug.cgi?id=1217 http://www.vuxml.org/freebsd/23fb5a04-722b-11d9-9e1e-c296ac722cb3.html

Insight

The following package is affected: squid CVE-2005-0211 Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter.

Severity

Classification

CVE CVE-2005-0211
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

FreeBSD Ports: chromium
FreeBSD Ports: chromium
FreeBSD Ports: chromium
FreeBSD Ports: apache
FreeBSD Ports: caml-light

FreeBSD Ports: squid

Take action and discover your vulnerabilities