CVE-2005-0241 Information
Description
The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling "oversized" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size.
Reference
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000931
http://fedoranews.org/updates/FEDORA–.shtml
http://secunia.com/advisories/14091
http://www.kb.cert.org/vuls/id/823350
http://www.novell.com/linux/security/advisories/2005_06_squid.html
http://www.redhat.com/support/errata/RHSA-2005-060.html
http://www.redhat.com/support/errata/RHSA-2005-061.html
http://www.securityfocus.com/bid/12412
http://www.squid-cache.org/bugs/show_bug.cgi?id=1216
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-oversize_reply_headers.patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/19060
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10998