Strix
26.1K

CVE-2005-2796

UnknownEPSS 7.83%

Last modified

CVE-2005-2796 is a vulnerability of currently unknown severity. The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests.. EPSS estimates a 7.83% chance of exploitation in the next 30 days.

Description

The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests.

Metrics

EPSS Probability
7.83%

93.9th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
SquidSquid2.0.patch1
SquidSquid2.0.patch2
SquidSquid2.0.pre1
SquidSquid2.0.release
SquidSquid2.0_patch2
SquidSquid2.1.patch1
SquidSquid2.1.patch2
SquidSquid2.1.pre1
SquidSquid2.1.pre3
SquidSquid2.1.pre4
SquidSquid2.1.release
SquidSquid2.1_patch2
SquidSquid2.2.devel3
SquidSquid2.2.devel4
SquidSquid2.2.pre1
SquidSquid2.2.pre2
SquidSquid2.2.stable1
SquidSquid2.2.stable2
SquidSquid2.2.stable3
SquidSquid2.2.stable4
SquidSquid2.2.stable5
SquidSquid2.3.devel2
SquidSquid2.3.devel3
SquidSquid2.3.stable1
SquidSquid2.3.stable2
SquidSquid2.3.stable3
SquidSquid2.3.stable4
SquidSquid2.3.stable5
SquidSquid2.3_.stable4
SquidSquid2.3_.stable5
SquidSquid2.3_stable5
SquidSquid2.4
SquidSquid2.4.stable1
SquidSquid2.4.stable2
SquidSquid2.4.stable3
SquidSquid2.4.stable4
SquidSquid2.4.stable6
SquidSquid2.4.stable7
SquidSquid2.4_.stable2
SquidSquid2.4_.stable6
SquidSquid2.4_.stable7
SquidSquid2.4_stable7
SquidSquid2.5.6
SquidSquid2.5.stable1
SquidSquid2.5.stable2
SquidSquid2.5.stable3
SquidSquid2.5.stable4
SquidSquid2.5.stable5
SquidSquid2.5.stable6
SquidSquid2.5.stable7

Showing 50 of 61 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2005-2796?
The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service (segmentation fault) via certain crafted requests.
How severe is CVE-2005-2796?
Severity scoring for CVE-2005-2796 is pending analysis. The EPSS model estimates a 7.83% probability of exploitation in the next 30 days.
How do I fix CVE-2005-2796?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2005-2796?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST