CVE Vulnerabilities

CVE-2004-0918

Published: Jan 27, 2005 | Modified: Oct 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error.

Affected Software

Name Vendor Start Version End Version
Openpkg Openpkg 2.1 2.1
Openpkg Openpkg 2.2 2.2
Openpkg Openpkg current current
Squid Squid 2.0_patch2 2.0_patch2
Squid Squid 2.1_patch2 2.1_patch2
Squid Squid 2.3_.stable4 2.3_.stable4
Squid Squid 2.3_.stable5 2.3_.stable5
Squid Squid 2.4 2.4
Squid Squid 2.4_.stable2 2.4_.stable2
Squid Squid 2.4_.stable6 2.4_.stable6
Squid Squid 2.4_.stable7 2.4_.stable7
Squid Squid 2.5_.stable1 2.5_.stable1
Squid Squid 2.5_.stable3 2.5_.stable3
Squid Squid 2.5_.stable4 2.5_.stable4
Squid Squid 2.5_.stable5 2.5_.stable5
Squid Squid 2.5_.stable6 2.5_.stable6
Squid Squid 3.0_pre1 3.0_pre1
Squid Squid 3.0_pre2 3.0_pre2
Squid Squid 3.0_pre3 3.0_pre3
Red Hat Enterprise Linux 3 RedHat squid-7:2.5.STABLE3-6.3E.2 *
Squid Ubuntu dapper *
Squid Ubuntu devel *
Squid Ubuntu edgy *
Squid Ubuntu feisty *

References