CVE-2005-0446
CVSS5.0
发布时间 :2005-05-02 00:00:00
修订时间 :2016-10-17 23:11:43
NMCOS    

[原文]Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qualified Domain Names (FQDN) in fqdncache.c or (2) IP addresses in ipcache.c, which trigger an assertion failure.


[CNNVD]Squid Proxy DNS Name Resolver远程拒绝服务漏洞(CNNVD-200505-077)

        Squid 2.5.STABLE8以及较早的版本允许远程攻击者通过关于(1) fqdncache.c的"完全合格域名"(FQDN)或(2)ipcache.c的IP地址的特定DNS响应来引起拒绝服务(崩溃)攻击,从而触发声明故障。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:squid:squid:2.1.patch1
cpe:/a:squid:squid:2.1.patch2
cpe:/a:squid:squid:2.2.pre2
cpe:/a:squid:squid:2.2.pre1
cpe:/a:squid:squid:2.3.stable4
cpe:/a:squid:squid:2.3.stable5
cpe:/a:squid:squid:2.3.stable2
cpe:/a:squid:squid:2.3.stable3
cpe:/a:squid:squid:2.4
cpe:/a:squid:squid:2.3.devel3
cpe:/a:squid:squid:2.5.stable2
cpe:/a:squid:squid:2.5.stable3
cpe:/a:squid:squid:2.3.devel2
cpe:/a:squid:squid:2.5.stable1
cpe:/a:squid:squid:2.5.stable6
cpe:/a:squid:squid:2.5.stable7
cpe:/a:squid:squid:2.5.stable4
cpe:/a:squid:squid:2.5.stable5
cpe:/a:squid:squid:2.5.stable8
cpe:/a:squid:squid:2.5_.stable1
cpe:/a:squid:squid:2.4_stable7
cpe:/a:squid:squid:2.4_.stable7
cpe:/a:squid:squid:2.4_.stable6
cpe:/a:squid:squid:2.4_.stable2
cpe:/a:squid:squid:2.1.release
cpe:/a:squid:squid:2.2.devel4
cpe:/a:squid:squid:2.2.stable2
cpe:/a:squid:squid:2.2.stable1
cpe:/a:squid:squid:2.5.6
cpe:/a:squid:squid:2.0.pre1
cpe:/a:squid:squid:2.0.patch2
cpe:/a:squid:squid:2.5_.stable5
cpe:/a:squid:squid:2.5_.stable6
cpe:/a:squid:squid:2.5_.stable3
cpe:/a:squid:squid:2.5_.stable4
cpe:/a:squid:squid:2.0.patch1
cpe:/a:squid:squid:2.1.pre3
cpe:/a:squid:squid:2.1.pre4
cpe:/a:squid:squid:2.2.devel3
cpe:/a:squid:squid:2.4.stable3
cpe:/a:squid:squid:2.4.stable4
cpe:/a:squid:squid:2.4.stable1
cpe:/a:squid:squid:2.1.pre1
cpe:/a:squid:squid:2.4.stable2
cpe:/a:squid:squid:2.4.stable7
cpe:/a:squid:squid:2.4.stable6
cpe:/a:squid:squid:2.2.stable5
cpe:/a:squid:squid:2.2.stable4
cpe:/a:squid:squid:2.2.stable3
cpe:/a:squid:squid:2.5_stable3
cpe:/a:squid:squid:2.5_stable4
cpe:/a:squid:squid:2.5_stable9
cpe:/a:squid:squid:2.3_stable5
cpe:/a:squid:squid:2.0_patch2
cpe:/a:squid:squid:2.1_patch2
cpe:/a:squid:squid:2.3_.stable4
cpe:/a:squid:squid:2.3.stable1
cpe:/a:squid:squid:2.0.release
cpe:/a:squid:squid:2.3_.stable5

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:11264Squid 2.5.STABLE8 and earlier allows remote attackers to cause a denial of service (crash) via certain DNS responses regarding (1) Fully Qua...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0446
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0446
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200505-077
(官方数据源) CNNVD

- 其它链接及资源

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000931
(VENDOR_ADVISORY)  CONECTIVA  CLA-2005:931
http://fedoranews.org/updates/FEDORA--.shtml
(UNKNOWN)  FEDORA  FLSA-2006:152809
http://marc.info/?l=bugtraq&m=110901183320453&w=2
(UNKNOWN)  BUGTRAQ  20050221 [USN-84-1] Squid vulnerabilities
http://www.debian.org/security/2005/dsa-688
(VENDOR_ADVISORY)  DEBIAN  DSA-688
http://www.gentoo.org/security/en/glsa/glsa-200502-25.xml
(VENDOR_ADVISORY)  GENTOO  GLSA-200502-25
http://www.mandriva.com/security/advisories?name=MDKSA-2005:047
(UNKNOWN)  MANDRAKE  MDKSA-2005:047
http://www.redhat.com/support/errata/RHSA-2005-173.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2005:173
http://www.redhat.com/support/errata/RHSA-2005-201.html
(UNKNOWN)  REDHAT  RHSA-2005:201
http://www.securityfocus.com/bid/12551
(UNKNOWN)  BID  12551
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE8-dns_assert
(PATCH)  CONFIRM  http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE8-dns_assert
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE8-dns_assert.patch
(PATCH)  CONFIRM  http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE8-dns_assert.patch
http://xforce.iss.net/xforce/xfdb/19332
(UNKNOWN)  XF  squid-xstrndup-dos(19332)

- 漏洞信息

Squid Proxy DNS Name Resolver远程拒绝服务漏洞
中危 其他
2005-05-02 00:00:00 2005-10-20 00:00:00
远程  
        Squid 2.5.STABLE8以及较早的版本允许远程攻击者通过关于(1) fqdncache.c的"完全合格域名"(FQDN)或(2)ipcache.c的IP地址的特定DNS响应来引起拒绝服务(崩溃)攻击,从而触发声明故障。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

- 漏洞信息

13776
Squid Malformed FQDN Lookup DoS
Denial of Service
Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-02-13 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Squid Proxy DNS Name Resolver Remote Denial Of Service Vulnerability
Failure to Handle Exceptional Conditions 12551
Yes No
2005-02-14 12:00:00 2006-12-20 09:32:00
This vulnerability was announced by the vendor.

- 受影响的程序版本

Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Squid Web Proxy Cache 2.5 .STABLE8
+ Gentoo Linux
+ Red Hat Fedora Core3
+ Red Hat Fedora Core2
+ Ubuntu Ubuntu Linux 5.0 4 powerpc
+ Ubuntu Ubuntu Linux 5.0 4 i386
+ Ubuntu Ubuntu Linux 5.0 4 amd64
Squid Web Proxy Cache 2.5 .STABLE7
+ Conectiva Linux 10.0
+ Conectiva Linux 9.0
+ Gentoo Linux
+ Red Hat Fedora Core3
+ Red Hat Fedora Core2
Squid Web Proxy Cache 2.5 .STABLE6
+ Mandriva Linux Mandrake 10.1 x86_64
+ S.u.S.E. Linux Personal 9.2 x86_64
+ S.u.S.E. Linux Personal 9.2
+ Turbolinux Appliance Server 1.0 Workgroup Edition
+ Turbolinux Appliance Server 1.0 Hosting Edition
+ Turbolinux Appliance Server Hosting Edition 1.0
+ Turbolinux Appliance Server Workgroup Edition 1.0
+ Turbolinux Turbolinux Server 10.0
+ Turbolinux Turbolinux Server 8.0
+ Turbolinux Turbolinux Server 7.0
+ Turbolinux Turbolinux Workstation 8.0
+ Turbolinux Turbolinux Workstation 7.0
Squid Web Proxy Cache 2.5 .STABLE5
+ Conectiva Linux 10.0
+ Conectiva Linux 9.0
+ S.u.S.E. Linux Personal 9.1 x86_64
+ S.u.S.E. Linux Personal 9.1
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Squid Web Proxy Cache 2.5 .STABLE4
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ OpenPKG OpenPKG 2.0
+ OpenPKG OpenPKG Current
Squid Web Proxy Cache 2.5 .STABLE3
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
+ OpenPKG OpenPKG 1.3
+ Red Hat Enterprise Linux AS 3
+ Red Hat Fedora Core1
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 3
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
Squid Web Proxy Cache 2.5 .STABLE1
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ S.u.S.E. Linux Personal 8.2
SGI ProPack 3.0
RedHat Linux 9.0 i386
RedHat Linux 7.3 i386
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Application Server WS 3
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
Red Hat Fedora Core2
Red Hat Fedora Core1
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux AS 2.1

- 漏洞讨论

A remote denial-of-service vulnerability is reported to exist in Squid. The issue is reported to present itself when the affected server performs a Fully Qualify Domain Name (FQDN) lookup and receives an unexpected response.

The vendor reports that under the above circumstances, the affected service will crash due to an assertion error, effectively denying service to legitimate users.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

Please see the referenced vendor advisories for more information and fixes.


Squid Web Proxy Cache 2.5 .STABLE6

Squid Web Proxy Cache 2.5 .STABLE4

Squid Web Proxy Cache 2.5 .STABLE1

Squid Web Proxy Cache 2.5 .STABLE3

Squid Web Proxy Cache 2.5 .STABLE7

Squid Web Proxy Cache 2.5 .STABLE5

Squid Web Proxy Cache 2.5 .STABLE8

SGI ProPack 3.0

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站