virus logo Intrusion Prevention

Squid.Oversized.Reply.Header.Handling

description-logoDescription

It indicates a possible exploit of unspecified vulnerability in Squid Proxy.
This issue is due to the application's failure to properly handle malformed HTTP headers.

affected-products-logoAffected Products

Turbolinux Turbolinux Workstation 8.0
Turbolinux Turbolinux Workstation 7.0
Turbolinux Turbolinux Server 10.0
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Server 7.0
Turbolinux Appliance Server Workgroup Edition 1.0
Turbolinux Appliance Server Hosting Edition 1.0
Squid Web Proxy Cache 2.5 .STABLE7
Squid Web Proxy Cache 2.5 .STABLE6
Squid Web Proxy Cache 2.5 .STABLE5
Squid Web Proxy Cache 2.5 .STABLE4
Squid Web Proxy Cache 2.5 .STABLE3
Squid Web Proxy Cache 2.5 .STABLE1
SGI ProPack 3.0
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux 8.1
S.u.S.E. Linux 8.0 i386
S.u.S.E. Linux 8.0
RedHat Linux 9.0 i386
RedHat Linux 7.3 i386
RedHat Fedora Core2
RedHat Fedora Core1
Astaro Security Linux 4.0 17
Astaro Security Linux 4.0 16
Astaro Security Linux 4.0 08
Astaro Security Linux 3.217
Astaro Security Linux 3.2 16
Astaro Security Linux 3.2 15
Astaro Security Linux 3.2 12
Astaro Security Linux 3.2 11
Astaro Security Linux 3.2 10
Astaro Security Linux 3.2 00
Astaro Security Linux 2.0 30
Astaro Security Linux 2.0 27
Astaro Security Linux 2.0 26
Astaro Security Linux 2.0 25
Astaro Security Linux 2.0 24
Astaro Security Linux 2.0 23
Astaro Security Linux 2.0 16

Impact logoImpact

Poison the cache or bypass access controls

recomended-action-logoRecommended Actions

Apply the squid-2.5.STABLE7-header_parsing patch, available from the Squid Web Proxy Cache Web site.
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-header_parsing.patch

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 13508
Created Oct 20, 2006
Updated Nov 15, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2005-0241
Exploit Prediction Score 96.55%
Default Action drop
Active
Affected OS Windows, Linux, BSD, Solaris, Other
Affected App Other