CVE-2005-0211

Name: CVE-2005-0211
Creator: NVD / NIST
Published: 2005-05-02T04:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 22.15%

Last modified Jun 16, 2026

CVE-2005-0211 is a vulnerability of currently unknown severity. Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter.. EPSS estimates a 22.15% chance of exploitation in the next 30 days.

Description

Buffer overflow in wccp.c in Squid 2.5 before 2.5.STABLE7 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long WCCP packet, which is processed by a recvfrom function call that uses an incorrect length parameter.

Metrics

EPSS Probability

22.15%

97.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-119

Affected Software

Vendor	Product	Versions
Squid-Cache	Squid	2.5.stable1
Squid-Cache	Squid	2.5.stable2
Squid-Cache	Squid	2.5.stable3
Squid-Cache	Squid	2.5.stable4
Squid-Cache	Squid	2.5.stable5
Squid-Cache	Squid	2.5.stable6
Debian	Debian Linux	3.0

References

http://fedoranews.org/updates/FEDORA--.shtmlBroken Link
http://marc.info/?l=bugtraq&m=110780531820947&w=2Third Party Advisory
http://secunia.com/advisories/14076Permissions Required
http://securitytracker.com/id?1013045Third Party Advisory, VDB Entry
http://www.debian.org/security/2005/dsa-667Patch, Third Party Advisory
http://www.kb.cert.org/vuls/id/886006Patch, Third Party Advisory, US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2005:034Broken Link
http://www.novell.com/linux/security/advisories/2005_06_squid.htmlBroken Link
http://www.osvdb.org/13319Broken Link
http://www.redhat.com/support/errata/RHSA-2005-060.htmlNot Applicable, Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2005-061.htmlNot Applicable, Third Party Advisory
http://www.securityfocus.com/bid/12432Third Party Advisory, VDB Entry
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-wccp_buffer_overflowPatch, Vendor Advisory
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_buffer_overflow.patchPatch, Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9573Third Party Advisory
http://fedoranews.org/updates/FEDORA--.shtmlBroken Link
http://marc.info/?l=bugtraq&m=110780531820947&w=2Third Party Advisory
http://secunia.com/advisories/14076Permissions Required
http://securitytracker.com/id?1013045Third Party Advisory, VDB Entry
http://www.debian.org/security/2005/dsa-667Patch, Third Party Advisory
http://www.kb.cert.org/vuls/id/886006Patch, Third Party Advisory, US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2005:034Broken Link
http://www.novell.com/linux/security/advisories/2005_06_squid.htmlBroken Link
http://www.osvdb.org/13319Broken Link
http://www.redhat.com/support/errata/RHSA-2005-060.htmlNot Applicable, Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2005-061.htmlNot Applicable, Third Party Advisory
http://www.securityfocus.com/bid/12432Third Party Advisory, VDB Entry
http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-wccp_buffer_overflowPatch, Vendor Advisory
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_buffer_overflow.patchPatch, Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9573Third Party Advisory

Timeline

Published: May 2, 2005
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2005-0211?

How severe is CVE-2005-0211?

Severity scoring for CVE-2005-0211 is pending analysis. The EPSS model estimates a 22.15% probability of exploitation in the next 30 days.

How do I fix CVE-2005-0211?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2005-0211?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST