virus logo Intrusion Prevention

Squid.WCCP.Message.Parsing.DoS

description-logoDescription

This indicates an attack attempt to exploit a denial-of-service vulnerability in the Web Cache Communication Protocol (WCCP) functionality of Squid Proxy.
This issue is due to the application's failure to handle unexpected network data. A remote attacker may leverage this issue to crash the affected Squid Proxy, denying service to legitimate users.

affected-products-logoAffected Products

Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Trustix Secure Linux 2.2
Trustix Secure Linux 2.1
Trustix Secure Linux 1.5
Trustix Secure Enterprise Linux 2.0
Squid Web Proxy Cache 2.5 .STABLE7
Squid Web Proxy Cache 2.5 .STABLE6
Squid Web Proxy Cache 2.5 .STABLE5
Squid Web Proxy Cache 2.5 .STABLE4
Squid Web Proxy Cache 2.5 .STABLE3
Squid Web Proxy Cache 2.5 .STABLE1
Squid Web Proxy Cache 2.4 .STABLE7
Squid Web Proxy Cache 2.4 .STABLE6
Squid Web Proxy Cache 2.4 .STABLE2
Squid Web Proxy Cache 2.4
Squid Web Proxy Cache 2.3 .STABLE5
Squid Web Proxy Cache 2.3 .STABLE4
Squid Web Proxy Cache 2.1 PATCH2
Squid Web Proxy Cache 2.0 PATCH2
SGI ProPack 3.0
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux 8.1
S.u.S.E. Linux 8.0 i386
S.u.S.E. Linux 8.0
RedHat Linux 9.0 i386
RedHat Linux 7.3 i386
RedHat Fedora Core2
RedHat Fedora Core1
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha
Conectiva Linux 10.0
Conectiva Linux 9.0
Astaro Security Linux 4.0 16
Astaro Security Linux 4.0 08
Astaro Security Linux 3.217
Astaro Security Linux 3.2 16
Astaro Security Linux 3.2 15
Astaro Security Linux 3.2 12
Astaro Security Linux 3.2 11
Astaro Security Linux 3.2 10
Astaro Security Linux 3.2 00
Astaro Security Linux 2.0 30
Astaro Security Linux 2.0 27
Astaro Security Linux 2.0 26
Astaro Security Linux 2.0 25
Astaro Security Linux 2.0 24
Astaro Security Linux 2.0 23
Astaro Security Linux 2.0 16

Impact logoImpact

Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Apply the squid-2.5.STABLE7-wccp_denial_of_service.patch, available from the Squid Web Proxy Cache Web site.
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-wccp_denial_of_service

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 13509
Created Oct 20, 2006
Updated Nov 15, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2005-0095
Exploit Prediction Score 96.98%
Default Action drop
Active
Affected OS Windows, Linux, BSD, Solaris, Other
Affected App Other