CVE-2005-2794
squid - assertion error
EPSS 12.5%
Description
store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (crash) via certain aborted requests that trigger an assert error related to STORE_PENDING.
How to fix CVE-2005-2794
To remediate CVE-2005-2794, upgrade the affected package to a fixed version below.
- Debian/squid—upgrade to 2.5.10-5 or later
- Debian/squid—upgrade to 2.5.9-10sarge1 or later
- Debian/squid—upgrade to 2.4.6-2woody11 or later
Is CVE-2005-2794 being exploited?
Moderate — EPSS is 12.5%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (3)
- from 0, < 2.5.10-5
- from 0, < 2.5.9-10sarge1
- from 0, < 2.4.6-2woody11