Vulnerability-Lookup

CVE-2005-2917 (GCVE-0-2005-2917)

Vulnerability from cvelistv5 – Published: 2005-09-30 04:00 – Updated: 2024-08-07 22:53

Summary

Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

GSD-2005-2917

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).

Aliases

CVE-2005-2917

Aliases

CVE-2005-2917

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2005-2917",
    "description": "Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).",
    "id": "GSD-2005-2917",
    "references": [
      "https://www.suse.com/security/cve/CVE-2005-2917.html",
      "https://www.debian.org/security/2005/dsa-828",
      "https://access.redhat.com/errata/RHSA-2006:0052",
      "https://access.redhat.com/errata/RHSA-2006:0045"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2005-2917"
      ],
      "details": "Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).",
      "id": "GSD-2005-2917",
      "modified": "2023-12-13T01:20:10.692089Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2005-2917",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart)."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt",
            "refsource": "MISC",
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
          },
          {
            "name": "http://www.novell.com/linux/security/advisories/2005_27_sr.html",
            "refsource": "MISC",
            "url": "http://www.novell.com/linux/security/advisories/2005_27_sr.html"
          },
          {
            "name": "http://fedoranews.org/updates/FEDORA--.shtml",
            "refsource": "MISC",
            "url": "http://fedoranews.org/updates/FEDORA--.shtml"
          },
          {
            "name": "ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U",
            "refsource": "MISC",
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U"
          },
          {
            "name": "http://secunia.com/advisories/19532",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/19532"
          },
          {
            "name": "http://secunia.com/advisories/16992",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/16992"
          },
          {
            "name": "http://secunia.com/advisories/17015",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/17015"
          },
          {
            "name": "http://secunia.com/advisories/17050",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/17050"
          },
          {
            "name": "http://secunia.com/advisories/17177",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/17177"
          },
          {
            "name": "http://secunia.com/advisories/19161",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/19161"
          },
          {
            "name": "http://securitytracker.com/id?1014920",
            "refsource": "MISC",
            "url": "http://securitytracker.com/id?1014920"
          },
          {
            "name": "http://www.debian.org/security/2005/dsa-828",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2005/dsa-828"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:181",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:181"
          },
          {
            "name": "http://www.osvdb.org/19607",
            "refsource": "MISC",
            "url": "http://www.osvdb.org/19607"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2006-0045.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0045.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2006-0052.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0052.html"
          },
          {
            "name": "http://www.securityfocus.com/bid/14977",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/14977"
          },
          {
            "name": "http://www.ubuntu.com/usn/usn-192-1/",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/usn-192-1/"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24282",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24282"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11580",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11580"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:squid:squid:2.5.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:squid:squid:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.5.stable10",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2005-2917"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-828",
              "refsource": "DEBIAN",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.debian.org/security/2005/dsa-828"
            },
            {
              "name": "16992",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/16992"
            },
            {
              "name": "MDKSA-2005:181",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:181"
            },
            {
              "name": "FLSA-2006:152809",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://fedoranews.org/updates/FEDORA--.shtml"
            },
            {
              "name": "14977",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/14977"
            },
            {
              "name": "RHSA-2006:0052",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0052.html"
            },
            {
              "name": "SCOSA-2005.49",
              "refsource": "SCO",
              "tags": [],
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
            },
            {
              "name": "USN-192-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-192-1/"
            },
            {
              "name": "19607",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/19607"
            },
            {
              "name": "1014920",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1014920"
            },
            {
              "name": "17015",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/17015"
            },
            {
              "name": "19161",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/19161"
            },
            {
              "name": "RHSA-2006:0045",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0045.html"
            },
            {
              "name": "17050",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/17050"
            },
            {
              "name": "17177",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/17177"
            },
            {
              "name": "20060401-01-U",
              "refsource": "SGI",
              "tags": [],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U"
            },
            {
              "name": "19532",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/19532"
            },
            {
              "name": "SUSE-SR:2005:027",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://www.novell.com/linux/security/advisories/2005_27_sr.html"
            },
            {
              "name": "squid-ntlm-authentication-dos(24282)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24282"
            },
            {
              "name": "oval:org.mitre.oval:def:11580",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11580"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-10-11T01:30Z",
      "publishedDate": "2005-09-30T18:05Z"
    }
  }
}

FKIE_CVE-2005-2917

Vulnerability from fkie_nvd - Published: 2005-09-30 18:05 - Updated: 2025-04-03 01:03

Severity ?

Summary

Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).

References

URL	Tags
secalert@redhat.com	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
secalert@redhat.com	ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U
secalert@redhat.com	http://fedoranews.org/updates/FEDORA--.shtml
secalert@redhat.com	http://secunia.com/advisories/16992	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/17015
secalert@redhat.com	http://secunia.com/advisories/17050
secalert@redhat.com	http://secunia.com/advisories/17177
secalert@redhat.com	http://secunia.com/advisories/19161
secalert@redhat.com	http://secunia.com/advisories/19532
secalert@redhat.com	http://securitytracker.com/id?1014920
secalert@redhat.com	http://www.debian.org/security/2005/dsa-828	Patch, Vendor Advisory
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2005:181
secalert@redhat.com	http://www.novell.com/linux/security/advisories/2005_27_sr.html
secalert@redhat.com	http://www.osvdb.org/19607
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2006-0045.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2006-0052.html
secalert@redhat.com	http://www.securityfocus.com/bid/14977
secalert@redhat.com	http://www.ubuntu.com/usn/usn-192-1/
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/24282
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11580
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
af854a3a-2127-422b-91ae-364da2661108	ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U
af854a3a-2127-422b-91ae-364da2661108	http://fedoranews.org/updates/FEDORA--.shtml
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/16992	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17015
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17050
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17177
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19161
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19532
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1014920
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-828	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:181
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2005_27_sr.html
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/19607
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2006-0045.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2006-0052.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/14977
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-192-1/
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24282
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11580

Impacted products

	Vendor	Product	Version
	squid	squid	*
	squid	squid	2.5.9

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:squid:squid:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE077B6D-CB5E-445A-97F8-444D3D7FCAD5",
              "versionEndIncluding": "2.5.stable10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:squid:squid:2.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DD7F1E4-35E3-43A0-B4F8-68697D70908E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart)."
    }
  ],
  "id": "CVE-2005-2917",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-09-30T18:05:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://fedoranews.org/updates/FEDORA--.shtml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16992"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17015"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17050"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17177"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19161"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19532"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1014920"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-828"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:181"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2005_27_sr.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.osvdb.org/19607"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0045.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0052.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/14977"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-192-1/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24282"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11580"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://fedoranews.org/updates/FEDORA--.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16992"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17015"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17050"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17177"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19161"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19532"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1014920"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-828"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:181"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2005_27_sr.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/19607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0045.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0052.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/14977"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-192-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24282"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11580"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

RHSA-2006:0052

Vulnerability from csaf_redhat - Published: 2006-03-07 15:17 - Updated: 2025-11-21 17:29

Summary

Red Hat Security Advisory: squid security update

Notes

Topic

An updated squid package that fixes a security vulnerability as well as several issues is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

Details

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. A denial of service flaw was found in the way squid processes certain NTLM authentication requests. It is possible for a remote attacker to crash the Squid server by sending a specially crafted NTLM authentication request. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CVE-2005-2917 to this issue. The following issues have also been fixed in this update: * An error introduced in squid-2.5.STABLE6-3.4E.12 can crash Squid when a user visits a site that has a bit longer DNS record. * An error introduced in the old package prevented Squid from returning correct information about large file systems. The new package is compiled with the IDENT lookup support so that users who want to use it do not have to recompile it. * Some authentication helpers needed SETUID rights but did not have them. If administrators wanted to use cache administrator, they had to change the SETUID bit manually. The updated package sets this bit so the new package can be updated without manual intervention from administrators. * Squid could not handle a reply from an HTTP server when the reply began with the new-line character. * An issue was discovered when a reply from an HTTP server was not HTTP 1.0 or 1.1 compliant. * The updated package keeps user-defined error pages when the package is updated and it adds new ones. All users of squid should upgrade to this updated package, which resolves these issues.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated squid package that fixes a security vulnerability as well as\nseveral issues is now available.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Squid is a high-performance proxy caching server for Web clients,\nsupporting FTP, gopher, and HTTP data objects.\n\nA denial of service flaw was found in the way squid processes certain NTLM\nauthentication requests. It is possible for a remote attacker to crash the\nSquid server by sending a specially crafted NTLM authentication request.\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) assigned\nthe name CVE-2005-2917 to this issue.\n\nThe following issues have also been fixed in this update: \n\n* An error introduced in squid-2.5.STABLE6-3.4E.12 can crash Squid when a\n  user visits a site that has a bit longer DNS record.\n\n* An error introduced in the old package prevented Squid from returning\n  correct information about large file systems. The new package is compiled\n  with the IDENT lookup support so that users who want to use it do not\n  have to recompile it.\n\n* Some authentication helpers needed SETUID rights but did not have them.\n  If administrators wanted to use cache administrator, they had to change\n  the SETUID bit manually. The updated package sets this bit so the new\n  package can be updated without manual intervention from administrators.\n\n* Squid could not handle a reply from an HTTP server when the reply began\n  with the new-line character. \n\n* An issue was discovered when a reply from an HTTP server was not\n  HTTP 1.0 or 1.1 compliant.\n\n* The updated package keeps user-defined error pages when the package\n  is updated and it adds new ones.\n \nAll users of squid should upgrade to this updated package, which resolves\nthese issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2006:0052",
        "url": "https://access.redhat.com/errata/RHSA-2006:0052"
      },
      {
        "category": "external",
        "summary": "160704",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=160704"
      },
      {
        "category": "external",
        "summary": "162660",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=162660"
      },
      {
        "category": "external",
        "summary": "168378",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=168378"
      },
      {
        "category": "external",
        "summary": "170399",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=170399"
      },
      {
        "category": "external",
        "summary": "172375",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=172375"
      },
      {
        "category": "external",
        "summary": "172392",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=172392"
      },
      {
        "category": "external",
        "summary": "172697",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=172697"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0052.json"
      }
    ],
    "title": "Red Hat Security Advisory: squid security update",
    "tracking": {
      "current_release_date": "2025-11-21T17:29:51+00:00",
      "generator": {
        "date": "2025-11-21T17:29:51+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2006:0052",
      "initial_release_date": "2006-03-07T15:17:00+00:00",
      "revision_history": [
        {
          "date": "2006-03-07T15:17:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2006-03-07T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:29:51+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux AS version 4",
                  "product_id": "4AS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::as"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop version 4",
                  "product_id": "4Desktop",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 4",
                  "product_id": "4ES",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::es"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 4",
                  "product_id": "4WS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "squid-7:2.5.STABLE6-3.4E.12.ia64",
                "product": {
                  "name": "squid-7:2.5.STABLE6-3.4E.12.ia64",
                  "product_id": "squid-7:2.5.STABLE6-3.4E.12.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid@2.5.STABLE6-3.4E.12?arch=ia64\u0026epoch=7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64",
                "product": {
                  "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64",
                  "product_id": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid-debuginfo@2.5.STABLE6-3.4E.12?arch=ia64\u0026epoch=7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "squid-7:2.5.STABLE6-3.4E.12.src",
                "product": {
                  "name": "squid-7:2.5.STABLE6-3.4E.12.src",
                  "product_id": "squid-7:2.5.STABLE6-3.4E.12.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid@2.5.STABLE6-3.4E.12?arch=src\u0026epoch=7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "squid-7:2.5.STABLE6-3.4E.12.x86_64",
                "product": {
                  "name": "squid-7:2.5.STABLE6-3.4E.12.x86_64",
                  "product_id": "squid-7:2.5.STABLE6-3.4E.12.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid@2.5.STABLE6-3.4E.12?arch=x86_64\u0026epoch=7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64",
                "product": {
                  "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64",
                  "product_id": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid-debuginfo@2.5.STABLE6-3.4E.12?arch=x86_64\u0026epoch=7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "squid-7:2.5.STABLE6-3.4E.12.i386",
                "product": {
                  "name": "squid-7:2.5.STABLE6-3.4E.12.i386",
                  "product_id": "squid-7:2.5.STABLE6-3.4E.12.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid@2.5.STABLE6-3.4E.12?arch=i386\u0026epoch=7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386",
                "product": {
                  "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386",
                  "product_id": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid-debuginfo@2.5.STABLE6-3.4E.12?arch=i386\u0026epoch=7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "squid-7:2.5.STABLE6-3.4E.12.ppc",
                "product": {
                  "name": "squid-7:2.5.STABLE6-3.4E.12.ppc",
                  "product_id": "squid-7:2.5.STABLE6-3.4E.12.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid@2.5.STABLE6-3.4E.12?arch=ppc\u0026epoch=7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc",
                "product": {
                  "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc",
                  "product_id": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid-debuginfo@2.5.STABLE6-3.4E.12?arch=ppc\u0026epoch=7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "squid-7:2.5.STABLE6-3.4E.12.s390x",
                "product": {
                  "name": "squid-7:2.5.STABLE6-3.4E.12.s390x",
                  "product_id": "squid-7:2.5.STABLE6-3.4E.12.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid@2.5.STABLE6-3.4E.12?arch=s390x\u0026epoch=7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x",
                "product": {
                  "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x",
                  "product_id": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid-debuginfo@2.5.STABLE6-3.4E.12?arch=s390x\u0026epoch=7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "squid-7:2.5.STABLE6-3.4E.12.s390",
                "product": {
                  "name": "squid-7:2.5.STABLE6-3.4E.12.s390",
                  "product_id": "squid-7:2.5.STABLE6-3.4E.12.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid@2.5.STABLE6-3.4E.12?arch=s390\u0026epoch=7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390",
                "product": {
                  "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390",
                  "product_id": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid-debuginfo@2.5.STABLE6-3.4E.12?arch=s390\u0026epoch=7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:squid-7:2.5.STABLE6-3.4E.12.i386"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:squid-7:2.5.STABLE6-3.4E.12.ia64"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:squid-7:2.5.STABLE6-3.4E.12.ppc"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:squid-7:2.5.STABLE6-3.4E.12.s390"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:squid-7:2.5.STABLE6-3.4E.12.s390x"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.src as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:squid-7:2.5.STABLE6-3.4E.12.src"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.src",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:squid-7:2.5.STABLE6-3.4E.12.x86_64"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:squid-7:2.5.STABLE6-3.4E.12.i386"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:squid-7:2.5.STABLE6-3.4E.12.ia64"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:squid-7:2.5.STABLE6-3.4E.12.ppc"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:squid-7:2.5.STABLE6-3.4E.12.s390"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:squid-7:2.5.STABLE6-3.4E.12.s390x"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.src as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:squid-7:2.5.STABLE6-3.4E.12.src"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.src",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:squid-7:2.5.STABLE6-3.4E.12.x86_64"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:squid-7:2.5.STABLE6-3.4E.12.i386"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:squid-7:2.5.STABLE6-3.4E.12.ia64"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:squid-7:2.5.STABLE6-3.4E.12.ppc"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:squid-7:2.5.STABLE6-3.4E.12.s390"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:squid-7:2.5.STABLE6-3.4E.12.s390x"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.src as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:squid-7:2.5.STABLE6-3.4E.12.src"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.src",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:squid-7:2.5.STABLE6-3.4E.12.x86_64"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:squid-7:2.5.STABLE6-3.4E.12.i386"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:squid-7:2.5.STABLE6-3.4E.12.ia64"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:squid-7:2.5.STABLE6-3.4E.12.ppc"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:squid-7:2.5.STABLE6-3.4E.12.s390"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:squid-7:2.5.STABLE6-3.4E.12.s390x"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.src as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:squid-7:2.5.STABLE6-3.4E.12.src"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.src",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE6-3.4E.12.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:squid-7:2.5.STABLE6-3.4E.12.x86_64"
        },
        "product_reference": "squid-7:2.5.STABLE6-3.4E.12.x86_64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64",
        "relates_to_product_reference": "4WS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2005-2917",
      "discovery_date": "2005-09-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1617765"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:squid-7:2.5.STABLE6-3.4E.12.i386",
          "4AS:squid-7:2.5.STABLE6-3.4E.12.ia64",
          "4AS:squid-7:2.5.STABLE6-3.4E.12.ppc",
          "4AS:squid-7:2.5.STABLE6-3.4E.12.s390",
          "4AS:squid-7:2.5.STABLE6-3.4E.12.s390x",
          "4AS:squid-7:2.5.STABLE6-3.4E.12.src",
          "4AS:squid-7:2.5.STABLE6-3.4E.12.x86_64",
          "4AS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386",
          "4AS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64",
          "4AS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc",
          "4AS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390",
          "4AS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x",
          "4AS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64",
          "4Desktop:squid-7:2.5.STABLE6-3.4E.12.i386",
          "4Desktop:squid-7:2.5.STABLE6-3.4E.12.ia64",
          "4Desktop:squid-7:2.5.STABLE6-3.4E.12.ppc",
          "4Desktop:squid-7:2.5.STABLE6-3.4E.12.s390",
          "4Desktop:squid-7:2.5.STABLE6-3.4E.12.s390x",
          "4Desktop:squid-7:2.5.STABLE6-3.4E.12.src",
          "4Desktop:squid-7:2.5.STABLE6-3.4E.12.x86_64",
          "4Desktop:squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386",
          "4Desktop:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64",
          "4Desktop:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc",
          "4Desktop:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390",
          "4Desktop:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x",
          "4Desktop:squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64",
          "4ES:squid-7:2.5.STABLE6-3.4E.12.i386",
          "4ES:squid-7:2.5.STABLE6-3.4E.12.ia64",
          "4ES:squid-7:2.5.STABLE6-3.4E.12.ppc",
          "4ES:squid-7:2.5.STABLE6-3.4E.12.s390",
          "4ES:squid-7:2.5.STABLE6-3.4E.12.s390x",
          "4ES:squid-7:2.5.STABLE6-3.4E.12.src",
          "4ES:squid-7:2.5.STABLE6-3.4E.12.x86_64",
          "4ES:squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386",
          "4ES:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64",
          "4ES:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc",
          "4ES:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390",
          "4ES:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x",
          "4ES:squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64",
          "4WS:squid-7:2.5.STABLE6-3.4E.12.i386",
          "4WS:squid-7:2.5.STABLE6-3.4E.12.ia64",
          "4WS:squid-7:2.5.STABLE6-3.4E.12.ppc",
          "4WS:squid-7:2.5.STABLE6-3.4E.12.s390",
          "4WS:squid-7:2.5.STABLE6-3.4E.12.s390x",
          "4WS:squid-7:2.5.STABLE6-3.4E.12.src",
          "4WS:squid-7:2.5.STABLE6-3.4E.12.x86_64",
          "4WS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386",
          "4WS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64",
          "4WS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc",
          "4WS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390",
          "4WS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x",
          "4WS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2005-2917"
        },
        {
          "category": "external",
          "summary": "RHBZ#1617765",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617765"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2005-2917",
          "url": "https://www.cve.org/CVERecord?id=CVE-2005-2917"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-2917",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-2917"
        }
      ],
      "release_date": "2005-09-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2006-03-07T15:17:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.  Use Red Hat\nNetwork to download and update your packages.  To launch the Red Hat\nUpdate Agent, use the following command:\n\n    up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n    http://www.redhat.com/docs/manuals/enterprise/",
          "product_ids": [
            "4AS:squid-7:2.5.STABLE6-3.4E.12.i386",
            "4AS:squid-7:2.5.STABLE6-3.4E.12.ia64",
            "4AS:squid-7:2.5.STABLE6-3.4E.12.ppc",
            "4AS:squid-7:2.5.STABLE6-3.4E.12.s390",
            "4AS:squid-7:2.5.STABLE6-3.4E.12.s390x",
            "4AS:squid-7:2.5.STABLE6-3.4E.12.src",
            "4AS:squid-7:2.5.STABLE6-3.4E.12.x86_64",
            "4AS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386",
            "4AS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64",
            "4AS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc",
            "4AS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390",
            "4AS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x",
            "4AS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64",
            "4Desktop:squid-7:2.5.STABLE6-3.4E.12.i386",
            "4Desktop:squid-7:2.5.STABLE6-3.4E.12.ia64",
            "4Desktop:squid-7:2.5.STABLE6-3.4E.12.ppc",
            "4Desktop:squid-7:2.5.STABLE6-3.4E.12.s390",
            "4Desktop:squid-7:2.5.STABLE6-3.4E.12.s390x",
            "4Desktop:squid-7:2.5.STABLE6-3.4E.12.src",
            "4Desktop:squid-7:2.5.STABLE6-3.4E.12.x86_64",
            "4Desktop:squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386",
            "4Desktop:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64",
            "4Desktop:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc",
            "4Desktop:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390",
            "4Desktop:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x",
            "4Desktop:squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64",
            "4ES:squid-7:2.5.STABLE6-3.4E.12.i386",
            "4ES:squid-7:2.5.STABLE6-3.4E.12.ia64",
            "4ES:squid-7:2.5.STABLE6-3.4E.12.ppc",
            "4ES:squid-7:2.5.STABLE6-3.4E.12.s390",
            "4ES:squid-7:2.5.STABLE6-3.4E.12.s390x",
            "4ES:squid-7:2.5.STABLE6-3.4E.12.src",
            "4ES:squid-7:2.5.STABLE6-3.4E.12.x86_64",
            "4ES:squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386",
            "4ES:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64",
            "4ES:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc",
            "4ES:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390",
            "4ES:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x",
            "4ES:squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64",
            "4WS:squid-7:2.5.STABLE6-3.4E.12.i386",
            "4WS:squid-7:2.5.STABLE6-3.4E.12.ia64",
            "4WS:squid-7:2.5.STABLE6-3.4E.12.ppc",
            "4WS:squid-7:2.5.STABLE6-3.4E.12.s390",
            "4WS:squid-7:2.5.STABLE6-3.4E.12.s390x",
            "4WS:squid-7:2.5.STABLE6-3.4E.12.src",
            "4WS:squid-7:2.5.STABLE6-3.4E.12.x86_64",
            "4WS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.i386",
            "4WS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ia64",
            "4WS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.ppc",
            "4WS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390",
            "4WS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.s390x",
            "4WS:squid-debuginfo-7:2.5.STABLE6-3.4E.12.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2006:0052"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "security flaw"
    }
  ]
}

RHSA-2006:0045

Vulnerability from csaf_redhat - Published: 2006-03-15 14:14 - Updated: 2025-11-21 17:29

Summary

Red Hat Security Advisory: squid security update

Notes

Topic

Updated squid packages that fix a security vulnerability as well as several bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated squid packages that fix a security vulnerability as well as\nseveral bugs are now available.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Squid is a high-performance proxy caching server for Web clients,\nsupporting FTP, gopher, and HTTP data objects.\n\nA denial of service flaw was found in the way squid processes certain NTLM\nauthentication requests.  A remote attacker could send a specially crafted\nNTLM authentication request which would cause the Squid server to crash. \nThe Common Vulnerabilities and Exposures project assigned the name\nCVE-2005-2917 to this issue.\n\nSeveral bugs have also been addressed in this update:\n\n* An error introduced in 2.5.STABLE3-6.3E.14 where Squid can crash if a\nuser visits a site which has a long DNS record.\n\n* Some authentication helpers were missing needed setuid rights.\n\n* Squid couldn\u0027t handle a reply from a HTTP server when the reply began\nwith the new-line character or wasn\u0027t HTTP/1.0 or HTTP/1.1 compliant.\n\n* User-defined error pages were not kept when the squid package was upgraded.\n\nAll users of squid should upgrade to these updated packages, which contain\nbackported patches to resolve these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2006:0045",
        "url": "https://access.redhat.com/errata/RHSA-2006:0045"
      },
      {
        "category": "external",
        "summary": "127836",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=127836"
      },
      {
        "category": "external",
        "summary": "150781",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=150781"
      },
      {
        "category": "external",
        "summary": "163595",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=163595"
      },
      {
        "category": "external",
        "summary": "165367",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=165367"
      },
      {
        "category": "external",
        "summary": "169269",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=169269"
      },
      {
        "category": "external",
        "summary": "170397",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=170397"
      },
      {
        "category": "external",
        "summary": "172693",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=172693"
      },
      {
        "category": "external",
        "summary": "174029",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=174029"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2006/rhsa-2006_0045.json"
      }
    ],
    "title": "Red Hat Security Advisory: squid security update",
    "tracking": {
      "current_release_date": "2025-11-21T17:29:51+00:00",
      "generator": {
        "date": "2025-11-21T17:29:51+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2006:0045",
      "initial_release_date": "2006-03-15T14:14:00+00:00",
      "revision_history": [
        {
          "date": "2006-03-15T14:14:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2006-03-15T00:00:00+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:29:51+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS version 3",
                "product": {
                  "name": "Red Hat Enterprise Linux AS version 3",
                  "product_id": "3AS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:3::as"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Desktop version 3",
                "product": {
                  "name": "Red Hat Desktop version 3",
                  "product_id": "3Desktop",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:3::desktop"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 3",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 3",
                  "product_id": "3ES",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:3::es"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 3",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 3",
                  "product_id": "3WS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:3::ws"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "squid-7:2.5.STABLE3-6.3E.16.ia64",
                "product": {
                  "name": "squid-7:2.5.STABLE3-6.3E.16.ia64",
                  "product_id": "squid-7:2.5.STABLE3-6.3E.16.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid@2.5.STABLE3-6.3E.16?arch=ia64\u0026epoch=7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64",
                "product": {
                  "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64",
                  "product_id": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid-debuginfo@2.5.STABLE3-6.3E.16?arch=ia64\u0026epoch=7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "squid-7:2.5.STABLE3-6.3E.16.src",
                "product": {
                  "name": "squid-7:2.5.STABLE3-6.3E.16.src",
                  "product_id": "squid-7:2.5.STABLE3-6.3E.16.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid@2.5.STABLE3-6.3E.16?arch=src\u0026epoch=7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "squid-7:2.5.STABLE3-6.3E.16.x86_64",
                "product": {
                  "name": "squid-7:2.5.STABLE3-6.3E.16.x86_64",
                  "product_id": "squid-7:2.5.STABLE3-6.3E.16.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid@2.5.STABLE3-6.3E.16?arch=x86_64\u0026epoch=7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64",
                "product": {
                  "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64",
                  "product_id": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid-debuginfo@2.5.STABLE3-6.3E.16?arch=x86_64\u0026epoch=7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "squid-7:2.5.STABLE3-6.3E.16.i386",
                "product": {
                  "name": "squid-7:2.5.STABLE3-6.3E.16.i386",
                  "product_id": "squid-7:2.5.STABLE3-6.3E.16.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid@2.5.STABLE3-6.3E.16?arch=i386\u0026epoch=7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386",
                "product": {
                  "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386",
                  "product_id": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid-debuginfo@2.5.STABLE3-6.3E.16?arch=i386\u0026epoch=7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "squid-7:2.5.STABLE3-6.3E.16.ppc",
                "product": {
                  "name": "squid-7:2.5.STABLE3-6.3E.16.ppc",
                  "product_id": "squid-7:2.5.STABLE3-6.3E.16.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid@2.5.STABLE3-6.3E.16?arch=ppc\u0026epoch=7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc",
                "product": {
                  "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc",
                  "product_id": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid-debuginfo@2.5.STABLE3-6.3E.16?arch=ppc\u0026epoch=7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "squid-7:2.5.STABLE3-6.3E.16.s390x",
                "product": {
                  "name": "squid-7:2.5.STABLE3-6.3E.16.s390x",
                  "product_id": "squid-7:2.5.STABLE3-6.3E.16.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid@2.5.STABLE3-6.3E.16?arch=s390x\u0026epoch=7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x",
                "product": {
                  "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x",
                  "product_id": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid-debuginfo@2.5.STABLE3-6.3E.16?arch=s390x\u0026epoch=7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "squid-7:2.5.STABLE3-6.3E.16.s390",
                "product": {
                  "name": "squid-7:2.5.STABLE3-6.3E.16.s390",
                  "product_id": "squid-7:2.5.STABLE3-6.3E.16.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid@2.5.STABLE3-6.3E.16?arch=s390\u0026epoch=7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390",
                "product": {
                  "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390",
                  "product_id": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/squid-debuginfo@2.5.STABLE3-6.3E.16?arch=s390\u0026epoch=7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.i386 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:squid-7:2.5.STABLE3-6.3E.16.i386"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.i386",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.ia64 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:squid-7:2.5.STABLE3-6.3E.16.ia64"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.ia64",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.ppc as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:squid-7:2.5.STABLE3-6.3E.16.ppc"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.ppc",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.s390 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:squid-7:2.5.STABLE3-6.3E.16.s390"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.s390",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.s390x as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:squid-7:2.5.STABLE3-6.3E.16.s390x"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.s390x",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.src as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:squid-7:2.5.STABLE3-6.3E.16.src"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.src",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:squid-7:2.5.STABLE3-6.3E.16.x86_64"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.x86_64",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
          "product_id": "3AS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64",
        "relates_to_product_reference": "3AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.i386 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:squid-7:2.5.STABLE3-6.3E.16.i386"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.i386",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.ia64 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:squid-7:2.5.STABLE3-6.3E.16.ia64"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.ia64",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.ppc as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:squid-7:2.5.STABLE3-6.3E.16.ppc"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.ppc",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.s390 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:squid-7:2.5.STABLE3-6.3E.16.s390"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.s390",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.s390x as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:squid-7:2.5.STABLE3-6.3E.16.s390x"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.s390x",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.src as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:squid-7:2.5.STABLE3-6.3E.16.src"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.src",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.x86_64 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:squid-7:2.5.STABLE3-6.3E.16.x86_64"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.x86_64",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64 as a component of Red Hat Desktop version 3",
          "product_id": "3Desktop:squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64",
        "relates_to_product_reference": "3Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.i386 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:squid-7:2.5.STABLE3-6.3E.16.i386"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.i386",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.ia64 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:squid-7:2.5.STABLE3-6.3E.16.ia64"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.ia64",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.ppc as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:squid-7:2.5.STABLE3-6.3E.16.ppc"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.ppc",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.s390 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:squid-7:2.5.STABLE3-6.3E.16.s390"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.s390",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.s390x as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:squid-7:2.5.STABLE3-6.3E.16.s390x"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.s390x",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.src as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:squid-7:2.5.STABLE3-6.3E.16.src"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.src",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:squid-7:2.5.STABLE3-6.3E.16.x86_64"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.x86_64",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
          "product_id": "3ES:squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64",
        "relates_to_product_reference": "3ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.i386 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:squid-7:2.5.STABLE3-6.3E.16.i386"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.i386",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.ia64 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:squid-7:2.5.STABLE3-6.3E.16.ia64"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.ia64",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.ppc as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:squid-7:2.5.STABLE3-6.3E.16.ppc"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.ppc",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.s390 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:squid-7:2.5.STABLE3-6.3E.16.s390"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.s390",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.s390x as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:squid-7:2.5.STABLE3-6.3E.16.s390x"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.s390x",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.src as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:squid-7:2.5.STABLE3-6.3E.16.src"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.src",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-7:2.5.STABLE3-6.3E.16.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:squid-7:2.5.STABLE3-6.3E.16.x86_64"
        },
        "product_reference": "squid-7:2.5.STABLE3-6.3E.16.x86_64",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x",
        "relates_to_product_reference": "3WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
          "product_id": "3WS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64"
        },
        "product_reference": "squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64",
        "relates_to_product_reference": "3WS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2005-2917",
      "discovery_date": "2005-09-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1617765"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "security flaw",
          "title": "Vulnerability summary"
        }
      ],
      "product_status": {
        "fixed": [
          "3AS:squid-7:2.5.STABLE3-6.3E.16.i386",
          "3AS:squid-7:2.5.STABLE3-6.3E.16.ia64",
          "3AS:squid-7:2.5.STABLE3-6.3E.16.ppc",
          "3AS:squid-7:2.5.STABLE3-6.3E.16.s390",
          "3AS:squid-7:2.5.STABLE3-6.3E.16.s390x",
          "3AS:squid-7:2.5.STABLE3-6.3E.16.src",
          "3AS:squid-7:2.5.STABLE3-6.3E.16.x86_64",
          "3AS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386",
          "3AS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64",
          "3AS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc",
          "3AS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390",
          "3AS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x",
          "3AS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64",
          "3Desktop:squid-7:2.5.STABLE3-6.3E.16.i386",
          "3Desktop:squid-7:2.5.STABLE3-6.3E.16.ia64",
          "3Desktop:squid-7:2.5.STABLE3-6.3E.16.ppc",
          "3Desktop:squid-7:2.5.STABLE3-6.3E.16.s390",
          "3Desktop:squid-7:2.5.STABLE3-6.3E.16.s390x",
          "3Desktop:squid-7:2.5.STABLE3-6.3E.16.src",
          "3Desktop:squid-7:2.5.STABLE3-6.3E.16.x86_64",
          "3Desktop:squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386",
          "3Desktop:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64",
          "3Desktop:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc",
          "3Desktop:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390",
          "3Desktop:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x",
          "3Desktop:squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64",
          "3ES:squid-7:2.5.STABLE3-6.3E.16.i386",
          "3ES:squid-7:2.5.STABLE3-6.3E.16.ia64",
          "3ES:squid-7:2.5.STABLE3-6.3E.16.ppc",
          "3ES:squid-7:2.5.STABLE3-6.3E.16.s390",
          "3ES:squid-7:2.5.STABLE3-6.3E.16.s390x",
          "3ES:squid-7:2.5.STABLE3-6.3E.16.src",
          "3ES:squid-7:2.5.STABLE3-6.3E.16.x86_64",
          "3ES:squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386",
          "3ES:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64",
          "3ES:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc",
          "3ES:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390",
          "3ES:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x",
          "3ES:squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64",
          "3WS:squid-7:2.5.STABLE3-6.3E.16.i386",
          "3WS:squid-7:2.5.STABLE3-6.3E.16.ia64",
          "3WS:squid-7:2.5.STABLE3-6.3E.16.ppc",
          "3WS:squid-7:2.5.STABLE3-6.3E.16.s390",
          "3WS:squid-7:2.5.STABLE3-6.3E.16.s390x",
          "3WS:squid-7:2.5.STABLE3-6.3E.16.src",
          "3WS:squid-7:2.5.STABLE3-6.3E.16.x86_64",
          "3WS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386",
          "3WS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64",
          "3WS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc",
          "3WS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390",
          "3WS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x",
          "3WS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2005-2917"
        },
        {
          "category": "external",
          "summary": "RHBZ#1617765",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617765"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2005-2917",
          "url": "https://www.cve.org/CVERecord?id=CVE-2005-2917"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2005-2917",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-2917"
        }
      ],
      "release_date": "2005-09-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2006-03-15T14:14:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.  Use Red Hat\nNetwork to download and update your packages.  To launch the Red Hat\nUpdate Agent, use the following command:\n\n    up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n    http://www.redhat.com/docs/manuals/enterprise/",
          "product_ids": [
            "3AS:squid-7:2.5.STABLE3-6.3E.16.i386",
            "3AS:squid-7:2.5.STABLE3-6.3E.16.ia64",
            "3AS:squid-7:2.5.STABLE3-6.3E.16.ppc",
            "3AS:squid-7:2.5.STABLE3-6.3E.16.s390",
            "3AS:squid-7:2.5.STABLE3-6.3E.16.s390x",
            "3AS:squid-7:2.5.STABLE3-6.3E.16.src",
            "3AS:squid-7:2.5.STABLE3-6.3E.16.x86_64",
            "3AS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386",
            "3AS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64",
            "3AS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc",
            "3AS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390",
            "3AS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x",
            "3AS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64",
            "3Desktop:squid-7:2.5.STABLE3-6.3E.16.i386",
            "3Desktop:squid-7:2.5.STABLE3-6.3E.16.ia64",
            "3Desktop:squid-7:2.5.STABLE3-6.3E.16.ppc",
            "3Desktop:squid-7:2.5.STABLE3-6.3E.16.s390",
            "3Desktop:squid-7:2.5.STABLE3-6.3E.16.s390x",
            "3Desktop:squid-7:2.5.STABLE3-6.3E.16.src",
            "3Desktop:squid-7:2.5.STABLE3-6.3E.16.x86_64",
            "3Desktop:squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386",
            "3Desktop:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64",
            "3Desktop:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc",
            "3Desktop:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390",
            "3Desktop:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x",
            "3Desktop:squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64",
            "3ES:squid-7:2.5.STABLE3-6.3E.16.i386",
            "3ES:squid-7:2.5.STABLE3-6.3E.16.ia64",
            "3ES:squid-7:2.5.STABLE3-6.3E.16.ppc",
            "3ES:squid-7:2.5.STABLE3-6.3E.16.s390",
            "3ES:squid-7:2.5.STABLE3-6.3E.16.s390x",
            "3ES:squid-7:2.5.STABLE3-6.3E.16.src",
            "3ES:squid-7:2.5.STABLE3-6.3E.16.x86_64",
            "3ES:squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386",
            "3ES:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64",
            "3ES:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc",
            "3ES:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390",
            "3ES:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x",
            "3ES:squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64",
            "3WS:squid-7:2.5.STABLE3-6.3E.16.i386",
            "3WS:squid-7:2.5.STABLE3-6.3E.16.ia64",
            "3WS:squid-7:2.5.STABLE3-6.3E.16.ppc",
            "3WS:squid-7:2.5.STABLE3-6.3E.16.s390",
            "3WS:squid-7:2.5.STABLE3-6.3E.16.s390x",
            "3WS:squid-7:2.5.STABLE3-6.3E.16.src",
            "3WS:squid-7:2.5.STABLE3-6.3E.16.x86_64",
            "3WS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.i386",
            "3WS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ia64",
            "3WS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.ppc",
            "3WS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390",
            "3WS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.s390x",
            "3WS:squid-debuginfo-7:2.5.STABLE3-6.3E.16.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2006:0045"
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "security flaw"
    }
  ]
}

GHSA-5HG5-X4P6-WGF5

Vulnerability from github – Published: 2022-05-03 03:14 – Updated: 2022-05-03 03:14

Details

Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2005-2917"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-09-30T18:05:00Z",
    "severity": "MODERATE"
  },
  "details": "Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).",
  "id": "GHSA-5hg5-x4p6-wgf5",
  "modified": "2022-05-03T03:14:20Z",
  "published": "2022-05-03T03:14:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-2917"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24282"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11580"
    },
    {
      "type": "WEB",
      "url": "http://fedoranews.org/updates/FEDORA--.shtml"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/16992"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/17015"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/17050"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/17177"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19161"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19532"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1014920"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2005/dsa-828"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:181"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2005_27_sr.html"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/19607"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0045.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2006-0052.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/14977"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-192-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2005-2917 (GCVE-0-2005-2917)

GSD-2005-2917

FKIE_CVE-2005-2917

RHSA-2006:0052

RHSA-2006:0045

GHSA-5HG5-X4P6-WGF5

Tags

Sightings

Nomenclature