Moole Vulnerability Database

Find real vulnerabilities before they ship

Unknown

CVE-2005-1519

Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups.

PublishedMay 11, 2005, 04:00

Published Bysecalert@redhat.com

Affected Versions

No affected versions found.

References

http://fedoranews.org/updates/FEDORA--.shtml
http://secunia.com/advisories/15294
http://www.debian.org/security/2005/dsa-751
http://www.redhat.com/archives/fedora-announce-list/2005-May/msg00025.html
http://www.redhat.com/support/errata/RHSA-2005-489.html
http://www.securityfocus.com/bid/13592
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-dns_query
http://www.vupen.com/english/advisories/2005/0521
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9976

Weakness Type

NVD-CWE-Other

CVSS Metrics

Base Score

6.4

Vector String

AV:N/AC:L/Au:N/C:N/I:P/A:P

Base SeverityUnknown

Version

2.0

Attack Vector (AV)