Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2005-0094

Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses.

Published

2005-01-15T05:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

2.9

Weaknesses
  • Type: Primary
    NVD-CWE-Other
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application squid squid 2.0_patch2 Yes
Application squid squid 2.1_patch2 Yes
Application squid squid 2.3_.stable4 Yes
Application squid squid 2.3_.stable5 Yes
Application squid squid 2.3_stable5 Yes
Application squid squid 2.4 Yes
Application squid squid 2.4_.stable2 Yes
Application squid squid 2.4_.stable6 Yes
Application squid squid 2.4_.stable7 Yes
Application squid squid 2.4_stable7 Yes
Application squid squid 2.5.6 Yes
Application squid squid 2.5.stable1 Yes
Application squid squid 2.5.stable2 Yes
Application squid squid 2.5.stable3 Yes
Application squid squid 2.5.stable4 Yes
Application squid squid 2.5.stable5 Yes
Application squid squid 2.5.stable6 Yes
Application squid squid 2.5.stable7 Yes
Application squid squid 2.5_.stable1 Yes
Application squid squid 2.5_.stable3 Yes
Application squid squid 2.5_.stable4 Yes
Application squid squid 2.5_.stable5 Yes
Application squid squid 2.5_.stable6 Yes
Application squid squid 2.5_stable3 Yes
Application squid squid 2.5_stable4 Yes
Application squid squid 2.5_stable9 Yes
Application squid squid 2.6.stable1 Yes
References