FreeBSD Ports: Squid Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting http://www.squid-cache.org/bugs/show_bug.cgi?id=1200 https://www.watchfire.com/securearea/whitepapers.aspx?id=8 http://www.vuxml.org/freebsd/4e4bd2c2-6bd5-11d9-9e1e-c296ac722cb3.html

Insight

The following package is affected: squid CVE-2005-0175 Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.

Severity

Classification

CVE CVE-2005-0175

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:P/A:N

Related Vulnerabilities

FreeBSD Ports: bogofilter
FreeBSD Ports: bitcoin
FreeBSD Ports: bugzilla
FreeBSD Ports: apache
FreeBSD Ports: asterisk10

FreeBSD Ports: squid

Take action and discover your vulnerabilities