CVE-2004-2479
First published: Fri Dec 31 2004(Updated: )
Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Squid Web Proxy Cache | =2.5_stable7 | |
| Squid Web Proxy Cache | =2.5_stable3 | |
| Squid Web Proxy Cache | =2.5_stable6 | |
| Squid Web Proxy Cache | =2.5_stable1 | |
| Squid Web Proxy Cache | =2.5_stable4 | |
| Squid Web Proxy Cache | =2.5_stable2 | |
| Squid Web Proxy Cache | =2.5_stable5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.squid-cache.org/bugs/show_bug.cgi?id=1143
- http://www.securityfocus.com/bid/11865
- http://securitytracker.com/id?1012466
- http://secunia.com/advisories/13408
- http://www.redhat.com/support/errata/RHSA-2005-766.html
- http://fedoranews.org/updates/FEDORA--.shtml
- http://secunia.com/advisories/16977
- http://www.osvdb.org/12282
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18406
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9711
Frequently Asked Questions
What is the severity of CVE-2004-2479?
CVE-2004-2479 is classified as a moderate severity vulnerability that can lead to information disclosure.
How do I fix CVE-2004-2479?
To fix CVE-2004-2479, you should upgrade to a patched version of Squid Web Proxy Cache that addresses this vulnerability.
What are the potential impacts of CVE-2004-2479?
CVE-2004-2479 allows remote attackers to obtain sensitive information through DNS failures that expose former error messages.
Which versions of Squid Web Proxy Cache are affected by CVE-2004-2479?
CVE-2004-2479 affects multiple versions of Squid Web Proxy Cache, including 2.5 stable 1 to 7.
Is CVE-2004-2479 still a relevant concern for current systems?
CVE-2004-2479 may still pose a risk for legacy systems running outdated versions of Squid Web Proxy Cache.
- agent/references
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/severity
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/national science foundation
- canonical/squid web proxy cache
- version/squid web proxy cache/2.5_stable7
- version/squid web proxy cache/2.5_stable3
- version/squid web proxy cache/2.5_stable6
- version/squid web proxy cache/2.5_stable1
- version/squid web proxy cache/2.5_stable4
- version/squid web proxy cache/2.5_stable2
- version/squid web proxy cache/2.5_stable5