ID CVE-2005-2794
Summary store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING.
References
Vulnerable Configurations
  • cpe:2.3:a:squid:squid:2.0.patch1
  • cpe:2.3:a:squid:squid:2.0.patch2
  • cpe:2.3:a:squid:squid:2.0.pre1
  • cpe:2.3:a:squid:squid:2.0.release
  • cpe:2.3:a:squid:squid:2.1.patch1
  • cpe:2.3:a:squid:squid:2.1.patch2
  • cpe:2.3:a:squid:squid:2.1.pre1
  • cpe:2.3:a:squid:squid:2.1.pre3
  • cpe:2.3:a:squid:squid:2.1.pre4
  • cpe:2.3:a:squid:squid:2.1.release
  • cpe:2.3:a:squid:squid:2.2.devel3
  • cpe:2.3:a:squid:squid:2.2.devel4
  • cpe:2.3:a:squid:squid:2.2.pre1
  • cpe:2.3:a:squid:squid:2.2.pre2
  • cpe:2.3:a:squid:squid:2.2.stable1
  • cpe:2.3:a:squid:squid:2.2.stable2
  • cpe:2.3:a:squid:squid:2.2.stable3
  • cpe:2.3:a:squid:squid:2.2.stable4
  • cpe:2.3:a:squid:squid:2.2.stable5
  • cpe:2.3:a:squid:squid:2.3.devel2
  • cpe:2.3:a:squid:squid:2.3.devel3
  • cpe:2.3:a:squid:squid:2.3.stable1
  • cpe:2.3:a:squid:squid:2.3.stable2
  • cpe:2.3:a:squid:squid:2.3.stable3
  • cpe:2.3:a:squid:squid:2.3.stable4
  • cpe:2.3:a:squid:squid:2.3.stable5
  • cpe:2.3:a:squid:squid:2.4.stable1
  • cpe:2.3:a:squid:squid:2.4.stable2
  • cpe:2.3:a:squid:squid:2.4.stable3
  • cpe:2.3:a:squid:squid:2.4.stable4
  • cpe:2.3:a:squid:squid:2.4.stable6
  • cpe:2.3:a:squid:squid:2.4.stable7
  • cpe:2.3:a:squid:squid:2.5.stable1
  • cpe:2.3:a:squid:squid:2.5.stable2
  • cpe:2.3:a:squid:squid:2.5.stable3
  • cpe:2.3:a:squid:squid:2.5.stable4
  • cpe:2.3:a:squid:squid:2.5.stable5
  • cpe:2.3:a:squid:squid:2.5.stable6
  • cpe:2.3:a:squid:squid:2.5.stable7
  • cpe:2.3:a:squid:squid:2.5.stable8
  • cpe:2.3:a:squid:squid:2.5.stable9
  • cpe:2.3:a:squid:squid:2.5.stable10
CVSS
Base: 5.0 (as of 07-09-2005 - 14:13)
Impact:
Exploitability:
Access
    Vector NETWORK
    Complexity LOW
    Authentication NONE
Impact
    Confidentiality NONE
    Integrity NONE
    Availability PARTIAL
nessus via4
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2005-766.NASL
    description An updated Squid package that fixes security issues is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Squid is a full-featured Web proxy cache. A bug was found in the way Squid displays error messages. A remote attacker could submit a request containing an invalid hostname which would result in Squid displaying a previously used error message. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-2479 to this issue. Two denial of service bugs were found in the way Squid handles malformed requests. A remote attacker could submit a specially crafted request to Squid that would cause the server to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-2794 and CVE-2005-2796 to these issues. Please note that CVE-2005-2796 does not affect Red Hat Enterprise Linux 2.1. Users of Squid should upgrade to this updated package that contains backported patches, and is not vulnerable to these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 21855
    published 2006-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21855
    title CentOS 3 / 4 : squid (CESA-2005:766)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_0C0DC4091C5E11DA92CE0048543D60CE.NASL
    description The squid patches page notes : Squid crashes with the above assertion failure [assertion failed : store.c:523: 'e->store_status == STORE_PENDING'] in certain conditions involving aborted requests.
    last seen 2019-02-21
    modified 2018-11-21
    plugin id 21386
    published 2006-05-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21386
    title FreeBSD : squid -- Possible Denial Of Service Vulnerability in store.c (0c0dc409-1c5e-11da-92ce-0048543d60ce)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-183-1.NASL
    description A Denial of Service vulnerability was discovered in the handling of aborted requests. A remote attacker could exploit this to crash Squid by sending specially crafted requests. (CAN-2005-2794) Alex Masterov discovered a Denial of Service vulnerability in the sslConnectTimeout() function. By sending specially crafted SSL requests, a remote attacker could exploit this to crash Squid. (CAN-2005-2796). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-08-15
    plugin id 20594
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20594
    title Ubuntu 4.10 / 5.04 : squid vulnerabilities (USN-183-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-809.NASL
    description Certain aborted requests that trigger an assertion in squid, the popular WWW proxy cache, may allow remote attackers to cause a denial of service. This update also fixes a regression caused by DSA 751. For completeness below is the original advisory text : Several vulnerabilities have been discovered in Squid, the popular WWW proxy cache. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-2794 Certain aborted requests that trigger an assert may allow remote attackers to cause a denial of service. - CAN-2005-2796 Specially crafted requests can cause a denial of service.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 19684
    published 2005-09-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19684
    title Debian DSA-809-2 : squid - several vulnerabilities
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2005-162.NASL
    description Two vulnerabilities were recently discovered in squid : The first is a DoS possible via certain aborted requests that trigger an assertion error related to 'STOP_PENDING' (CVE-2005-2794). The second is a DoS caused by certain crafted requests and SSL timeouts (CVE-2005-2796). The updated packages have been patched to address these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 19917
    published 2005-10-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19917
    title Mandrake Linux Security Advisory : squid (MDKSA-2005:162)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200509-06.NASL
    description The remote host is affected by the vulnerability described in GLSA-200509-06 (Squid: Denial of Service vulnerabilities) Certain malformed requests result in a segmentation fault in the sslConnectTimeout function, handling of other certain requests trigger assertion failures. Impact : By performing malformed requests an attacker could cause Squid to crash by triggering an assertion failure or invalid memory reference. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 19671
    published 2005-09-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19671
    title GLSA-200509-06 : Squid: Denial of Service vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-766.NASL
    description An updated Squid package that fixes security issues is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Squid is a full-featured Web proxy cache. A bug was found in the way Squid displays error messages. A remote attacker could submit a request containing an invalid hostname which would result in Squid displaying a previously used error message. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-2479 to this issue. Two denial of service bugs were found in the way Squid handles malformed requests. A remote attacker could submit a specially crafted request to Squid that would cause the server to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-2794 and CVE-2005-2796 to these issues. Please note that CVE-2005-2796 does not affect Red Hat Enterprise Linux 2.1. Users of Squid should upgrade to this updated package that contains backported patches, and is not vulnerable to these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 19713
    published 2005-09-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19713
    title RHEL 2.1 / 3 / 4 : squid (RHSA-2005:766)
oval via4
accepted 2013-04-29T04:04:14.839-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING.
family unix
id oval:org.mitre.oval:def:10276
status accepted
submitted 2010-07-09T03:56:16-04:00
title store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING.
version 23
redhat via4
advisories
rhsa
id RHSA-2005:766
refmap via4
bid 14761
confirm http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-STORE_PENDING
debian DSA-809
fedora FLSA-2006:152809
gentoo GLSA-200509-06
mandriva MDKSA-2005:162
secunia
  • 16977
  • 17027
suse
  • SUSE-SA:2005:053
  • SUSE-SR:2005:021
Last major update 21-08-2010 - 00:32
Published 07-09-2005 - 14:03
Last modified 10-10-2017 - 21:30