Bug 78093 - (CVE-2005-0718) VUL-0: CVE-2005-0718: Squid DoS
(CVE-2005-0718)
VUL-0: CVE-2005-0718: Squid DoS
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other All
: P5 - None : Normal
: ---
Assigned To: Security Team bot
Security Team bot
CVE-2005-0718: CVSS v2 Base Score: 5....
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2005-04-15 11:30 UTC by Ludwig Nussel
Modified: 2021-11-20 16:24 UTC (History)
1 user (show)

See Also:
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Ludwig Nussel 2005-04-15 11:30:16 UTC
We received the following report via full-disclosure.
The issue is public.

This is probably more a normal bug than a security issue:
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-post

Date: Thu, 14 Apr 2005 11:29:49 +0200
From: Martin Pitt <martin.pitt@canonical.com>
To: ubuntu-security-announce@lists.ubuntu.com
Cc: full-disclosure@lists.grok.org.uk, bugtraq@securityfocus.com
Subject: [Full-disclosure] [USN-111-1] Squid vulnerability

===========================================================
Ubuntu Security Notice USN-111-1	     April 14, 2005
squid vulnerability
CAN-2005-0718
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

squid

The problem can be corrected by upgrading the affected package to
version 2.5.5-6ubuntu0.7. In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

A remote Denial of Service vulnerability has been discovered in Squid.
If the remote end aborted the connection during a PUT or POST request,
Squid tried to free an already freed part of memory, which eventually
caused the server to crash.

[...]
Comment 1 Klaus Singvogel 2005-04-21 13:02:52 UTC
Ok. Made patches and submitted them. Done. :-) 
  
Affected versions: 8.2, 9.0, 9.1 (and all derivatives, like SLES9), and 9.2  
Not affected: 9.3 (already included), and propably 8.1 (and all derivatives,  
like SLES8, UL1).  
  
I'm not 100% sure about 8.1, because I only see that the relevant code isn't  
present there. Maybe the problem occurs (semanticly seen) somewhere else, but  
the part where we have patches for was first time introduced by squid-2.5 and  
8.1 contains squid-2.4. So I doubt, that it is affected.  
  
Security-team: please proof, if you have doubts. I checked it now for > 3 
hours. 
  
Security-team: please handle rest of process, like patchinfo. Thanks in 
advance. 
Comment 2 Ludwig Nussel 2005-04-21 13:54:09 UTC
One needs to really understand the squid code to understand the fix so this 
would need help from upstream. It's just a DoS, so unless you have a testcase 
that proves 8.1 is vulnerable i'd consider it as not affected for now. 
Comment 3 Klaus Singvogel 2005-04-21 14:59:36 UTC
It seems that noone has a testcase for this issue. No one can reproduce it. 
It occurs rarely as a crash. 
Comment 4 Ludwig Nussel 2005-04-21 15:18:02 UTC
SM-Tracker-1018 
Comment 5 Klaus Singvogel 2005-04-25 14:15:28 UTC
Ludwig: please note that there are no patches for 8.1 nor 9.3. 
mls informed me that the patchinfo files contains both distris (he fixes it). 
But be aware when writing the security announcement. 
Comment 6 Ludwig Nussel 2005-05-03 11:14:34 UTC
updates released  
Comment 7 Thomas Biege 2009-10-13 21:16:41 UTC
CVE-2005-0718: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)