CVE-2005-2917
squid - several
EPSS 51.9%
Description
Squid 2.5.STABLE10 and earlier, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).
How to fix CVE-2005-2917
To remediate CVE-2005-2917, upgrade the affected package to a fixed version below.
- Debian/squid—upgrade to 2.5.10-7 or later
- Debian/squid—upgrade to 2.5.9-10sarge2 or later
Is CVE-2005-2917 being exploited?
Likely — EPSS is 51.9%, placing CVE-2005-2917 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.
Affected packages (2)
- from 0, < 2.5.10-7
- from 0, < 2.5.9-10sarge2