CVE-2005-0094
squid - buffer overflow, integer overflow
EPSS 51.1%
Description
Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses.
How to fix CVE-2005-0094
To remediate CVE-2005-0094, upgrade the affected package to a fixed version below.
- Debian/squid—upgrade to 2.5.7-4 or later
- Debian/squid—upgrade to 2.4.6-2woody5 or later
Is CVE-2005-0094 being exploited?
Likely — EPSS is 51.1%, placing CVE-2005-0094 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.
Affected packages (2)
- from 0, < 2.5.7-4
- from 0, < 2.4.6-2woody5