Bug 129934 (CVE-2005-3258)

Summary: VUL-0: CVE-2005-3258: squid dos via broken ftp servers
Product: [Novell Products] SUSE Security Incidents Reporter: Marcus Meissner <meissner>
Component: IncidentsAssignee: Klaus Singvogel <kssingvo>
Status: RESOLVED DUPLICATE QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P5 - None CC: security-team
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard: CVE-2005-3258: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Comment 1 Marcus Meissner 2005-10-21 09:33:38 UTC 
======================================================
Candidate: CVE-2005-3258
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3258
Reference: CONFIRM:http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE11-rfc1738_do_escape

The rfc1738_do_escape function in ftp.c for Squid 2.5 STABLE11 and
earlier allows remote FTP servers to cause a denial of service
(segmentation fault) via certain crafted responses.
Comment 2 Marcus Meissner 2005-10-21 11:27:56 UTC 

*** This bug has been marked as a duplicate of 129639 ***
Comment 3 Thomas Biege 2009-10-13 21:43:42 UTC 
CVE-2005-3258: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)