FreeBSD Ports: Squid Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-gopher_html_parsing http://www.squid-cache.org/bugs/show_bug.cgi?id=1189 http://www.squid-cache.org/Advisories/SQUID-2005_1.txt http://www.vuxml.org/freebsd/184ab9e0-64cd-11d9-9e1e-c296ac722cb3.html

Insight

The following package is affected: squid CVE-2005-0094 Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses.

Severity

Classification

CVE CVE-2005-0094
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

FreeBSD Ports: acroread7, ja-acroread
FreeBSD Ports: bugzilla
FreeBSD Ports: cabextract
FreeBSD Ports: apache
FreeBSD Ports: bugzilla, ja-bugzilla

FreeBSD Ports: squid

Take action and discover your vulnerabilities