CVE-2005-1519

NameCVE-2005-1519
DescriptionSquid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
ReferencesDSA-751-1
NVD severitymedium (attack range: remote)
Debian Bugs309504
Debian/oldoldstablenot vulnerable.
Debian/oldstablenot vulnerable.
Debian/stablenot known to be vulnerable.
Debian/testingnot known to be vulnerable.
Debian/unstablenot known to be vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
squid (PTS)squeeze2.7.STABLE9-2.1fixed
squeeze (lts)2.7.STABLE9-2.1+deb6u1fixed
wheezy2.7.STABLE9-4.1fixed
wheezy (security)2.7.STABLE9-4.1+deb7u1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
squidsource(unstable)2.5.9-9medium309504
squidsourcewoody2.4.6-2woody9mediumDSA-751-1

Search for package or bug name: Reporting problems