Is CVE-2005-0241 actively exploited?

CVE-2005-0241 has no public evidence of in-the-wild exploitation as of 2025-04-03.

What is the CVSS score for CVE-2005-0241?

CVE-2005-0241 has a CVSS score of 5 (UNKNOWN severity). Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N.

How do I patch CVE-2005-0241?

Patch guidance is available from squid security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2005-0241.

CVE-2005-0241 - remediation guidance & executive summary

Q: Which products are affected by CVE-2005-0241?

7 products: squid squid, squid squid, squid squid, squid squid, squid squid, and 2 more.

Description

The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling "oversized" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size.

CVSS Metrics

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Access Vector: network
Access Cmplx: low
Auth: none
Confidentiality: none
Integrity: partial
Availability: none
Weaknesses: NVD-CWE-Other

Metadata

Primary Vendor: SQUID
Published: 5/2/2005
Last Modified: 4/3/2025
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

squid : squidsquid : squidsquid : squidsquid : squidsquid : squidsquid : squidsquid : squid

Remediation Guidance

Executive Summary

View on NIST NVD