Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2005-0718

Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection during a (1) PUT or (2) POST request, which causes Squid to access previously freed memory.

Related bugs and status

CVE-2005-0718 (Candidate) is related to these bugs:

Bug #16326: CAN-2005-0718: remote DoS from aborted connections

Summary				In	Importance	Status
	16326	CAN-2005-0718: remote DoS from aborted connections		squid (Ubuntu)	High	Fix Released
	16326	CAN-2005-0718: remote DoS from aborted connections		squid (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.squid-cache...
CONFIRM: http://www1.uk.squid-c...
REDHAT: RHSA-2005:415
FEDORA: FLSA-2006:152809
BID: 13166
SECUNIA: 12508
REDHAT: RHSA-2005:489
CONECTIVA: CLA-2005:931
XF: squid-put-post-dos(19919)
OVAL: oval:org.mitre.oval:de...
UBUNTU: USN-111-1