Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2004-2479

Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages.

Published

2004-12-31T05:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	national_science_foundation	squid_web_proxy_cache	2.5_stable1	Yes
Application	national_science_foundation	squid_web_proxy_cache	2.5_stable2	Yes
Application	national_science_foundation	squid_web_proxy_cache	2.5_stable3	Yes
Application	national_science_foundation	squid_web_proxy_cache	2.5_stable4	Yes
Application	national_science_foundation	squid_web_proxy_cache	2.5_stable5	Yes
Application	national_science_foundation	squid_web_proxy_cache	2.5_stable6	Yes
Application	national_science_foundation	squid_web_proxy_cache	2.5_stable7	Yes

References

http://fedoranews.org/updates/FEDORA--.shtml ([email protected])
http://secunia.com/advisories/13408 Patch, Vendor Advisory ([email protected])
http://secunia.com/advisories/16977 ([email protected])
http://securitytracker.com/id?1012466 Patch ([email protected])
http://www.osvdb.org/12282 ([email protected])
http://www.redhat.com/support/errata/RHSA-2005-766.html ([email protected])
http://www.securityfocus.com/bid/11865 Patch ([email protected])
http://www.squid-cache.org/bugs/show_bug.cgi?id=1143 Patch ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/18406 ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9711 ([email protected])
http://fedoranews.org/updates/FEDORA--.shtml (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/13408 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/16977 (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1012466 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/12282 (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2005-766.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/11865 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.squid-cache.org/bugs/show_bug.cgi?id=1143 Patch (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18406 (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9711 (af854a3a-2127-422b-91ae-364da2661108)