CVE-2005-1519
squid - IP spoofing
EPSS 24.6%
Description
Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups.
How to fix CVE-2005-1519
To remediate CVE-2005-1519, upgrade the affected package to a fixed version below.
- Debian/squid—upgrade to 2.5.9-9 or later
- Debian/squid—upgrade to 2.4.6-2woody9 or later
Is CVE-2005-1519 being exploited?
Moderate — EPSS is 24.6%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 2.5.9-9
- from 0, < 2.4.6-2woody9