CVE-2005-1519 Information

Description

Squid 2.5 STABLE9 and earlier when the DNS client port is unfiltered and the environment does not prevent IP spoofing allows remote attackers to spoof DNS lookups.

Reference

http://fedoranews.org/updates/FEDORA–.shtml http://secunia.com/advisories/15294 http://www.debian.org/security/2005/dsa-751 http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html http://www.redhat.com/support/errata/RHSA-2005-489.html http://www.securityfocus.com/bid/13592 http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-dns_query http://www.vupen.com/english/advisories/2005/0521 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A9976