CVE-2005-1519

NameCVE-2005-1519
DescriptionSquid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
ReferencesDSA-751-1
NVD severitymedium (attack range: remote)
Debian Bugs309504
Debian/oldstablenot vulnerable.
Debian/stablenot vulnerable.
Debian/testingnot known to be vulnerable.
Debian/unstablenot vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
squid (PTS)squeeze2.7.STABLE9-2.1fixed
wheezy2.7.STABLE9-4.1fixed
wheezy (security)2.7.STABLE9-4.1+deb7u1fixed
sid2.7.STABLE9-5fixed

The information above is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
squidsource(unstable)2.5.9-9medium309504
squidsourcewoody2.4.6-2woody9mediumDSA-751-1

Search for package or bug name: Reporting problems