FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2005-2796

This CVE name corresponds to:

Entered Topic
2005-09-04 squid -- Denial Of Service Vulnerability in sslConnectTimeout

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2005-2796 at cve.mitre.org

Details

Type Candidate
Name CVE-2005-2796
Phase Assigned(20050906)

Description

The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests.

References

Source Reference
CONFIRM http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-sslConnectTimeout
DEBIAN DSA-809
FEDORA FLSA-2006:152809
GENTOO GLSA-200509-06
MANDRIVA MDKSA-2005:162
REDHAT RHSA-2005:766
SUSE SUSE-SA:2005:053
SUSE SUSE-SR:2005:021
BID 14731
SECTRACK 1014846
SECUNIA 16977
SECUNIA 17027

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.