CVE-2004-2479

medium

Description

Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9711

https://exchange.xforce.ibmcloud.com/vulnerabilities/18406

http://www.squid-cache.org/bugs/show_bug.cgi?id=1143

http://www.securityfocus.com/bid/11865

http://www.redhat.com/support/errata/RHSA-2005-766.html

http://www.osvdb.org/12282

http://securitytracker.com/id?1012466

http://secunia.com/advisories/16977

http://secunia.com/advisories/13408

http://fedoranews.org/updates/FEDORA--.shtml

Details

Source: Mitre, NVD

Published: 2004-12-31

Updated: 2017-10-11

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N