CVE-2005-0095
EPSS 75.8%
Description
The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU cache numbers.
How to fix CVE-2005-0095
To remediate CVE-2005-0095, upgrade the affected package to a fixed version below.
- Debian/squid—upgrade to 2.5.7-4 or later
Is CVE-2005-0095 being exploited?
Likely — EPSS is 75.8%, placing CVE-2005-0095 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.
Affected packages (1)
- from 0, < 2.5.7-4