Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2004-0918

CVE information

Published

17 years ago

Last Modified

4 years ago

CVSSv2.0 Severity

Medium

Impact Analysis

Description

The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error..

CVSSv2.0 Score

Severity
Medium
Base Score
5/10
Exploit Score
10/10
Access Vector
Network
Access Complexity
Low
Authentication Required
None
Impact Score
2.9/10
Confidentiality Impact
None
Availability Impact
Partial
Integrity Impact
None

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:a:squid:squid:2.5_.stable3:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:squid:squid:2.1_patch2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:squid:squid:2.4_.stable7:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:openpkg:openpkg:2.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:squid:squid:2.0_patch2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:squid:squid:2.4_.stable2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:squid:squid:2.3_.stable4:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:squid:squid:2.3_.stable5:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:squid:squid:2.5_.stable5:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:openpkg:openpkg:2.2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:squid:squid:2.4_.stable6:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:squid:squid:3.0_pre2:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:squid:squid:3.0_pre3:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:openpkg:openpkg:current:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:squid:squid:2.5_.stable1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:squid:squid:2.4:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:squid:squid:2.5_.stable6:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:squid:squid:3.0_pre1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:squid:squid:2.5_.stable4:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*
  Yes
- -
cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*
  Yes
- -
cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*
  Yes
- -