Vulnerabilities > CVE-2004-2479 - Unspecified vulnerability in National Science Foundation Squid web Proxy Cache

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages.

Nessus

  • NASL familyFirewalls
    NASL idSQUID_MEM_DISCLOSURE.NASL
    descriptionAccording to its banner, the version of Squid running on the remote host is prior to 2.5.STABLE8. It is, therefore, affected by an information disclosure vulnerability due to improper handling of malformed host names. An unauthenticated, remote attacker can exploit this issue to disclose the contents of recently freed memory as error messages. Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id15929
    published2004-12-09
    reporterThis script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/15929
    titleSquid < 2.5.STABLE8 Malformed Host Name Error Message Information Disclosure
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2005-766.NASL
    descriptionAn updated Squid package that fixes security issues is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Squid is a full-featured Web proxy cache. A bug was found in the way Squid displays error messages. A remote attacker could submit a request containing an invalid hostname which would result in Squid displaying a previously used error message. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-2479 to this issue. Two denial of service bugs were found in the way Squid handles malformed requests. A remote attacker could submit a specially crafted request to Squid that would cause the server to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-2794 and CVE-2005-2796 to these issues. Please note that CVE-2005-2796 does not affect Red Hat Enterprise Linux 2.1 Users of Squid should upgrade to this updated package that contains backported patches, and is not vulnerable to these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id19713
    published2005-09-17
    reporterThis script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/19713
    titleRHEL 2.1 / 3 / 4 : squid (RHSA-2005:766)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2005-766.NASL
    descriptionAn updated Squid package that fixes security issues is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Squid is a full-featured Web proxy cache. A bug was found in the way Squid displays error messages. A remote attacker could submit a request containing an invalid hostname which would result in Squid displaying a previously used error message. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-2479 to this issue. Two denial of service bugs were found in the way Squid handles malformed requests. A remote attacker could submit a specially crafted request to Squid that would cause the server to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-2794 and CVE-2005-2796 to these issues. Please note that CVE-2005-2796 does not affect Red Hat Enterprise Linux 2.1 Users of Squid should upgrade to this updated package that contains backported patches, and is not vulnerable to these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id21855
    published2006-07-03
    reporterThis script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/21855
    titleCentOS 3 / 4 : squid (CESA-2005:766)

Oval

accepted2013-04-29T04:21:31.665-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
    ovaloval:org.mitre.oval:def:11782
  • commentCentOS Linux 3.x
    ovaloval:org.mitre.oval:def:16651
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
    ovaloval:org.mitre.oval:def:11831
  • commentCentOS Linux 4.x
    ovaloval:org.mitre.oval:def:16636
  • commentOracle Linux 4.x
    ovaloval:org.mitre.oval:def:15990
descriptionSquid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages.
familyunix
idoval:org.mitre.oval:def:9711
statusaccepted
submitted2010-07-09T03:56:16-04:00
titleSquid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages.
version26

Redhat

advisories
rhsa
idRHSA-2005:766
rpms
  • squid-7:2.5.STABLE3-6.3E.14
  • squid-7:2.5.STABLE6-3.4E.11
  • squid-debuginfo-7:2.5.STABLE3-6.3E.14
  • squid-debuginfo-7:2.5.STABLE6-3.4E.11