Vulnerability Description
Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| National Science Foundation | Squid Web Proxy Cache | 2.5_stable1 |
References
- http://fedoranews.org/updates/FEDORA--.shtml
- http://secunia.com/advisories/13408PatchVendor Advisory
- http://secunia.com/advisories/16977
- http://securitytracker.com/id?1012466Patch
- http://www.osvdb.org/12282
- http://www.redhat.com/support/errata/RHSA-2005-766.html
- http://www.securityfocus.com/bid/11865Patch
- http://www.squid-cache.org/bugs/show_bug.cgi?id=1143Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18406
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://fedoranews.org/updates/FEDORA--.shtml
- http://secunia.com/advisories/13408PatchVendor Advisory
- http://secunia.com/advisories/16977
- http://securitytracker.com/id?1012466Patch
- http://www.osvdb.org/12282
FAQ
What is CVE-2004-2479?
CVE-2004-2479 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previousl...
How severe is CVE-2004-2479?
CVE-2004-2479 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2479?
Check the references section above for vendor advisories and patch information. Affected products include: National Science Foundation Squid Web Proxy Cache.