PT-2005-1203 · Squid+1 · Squid+2
Infamous41Md · Published 2005-01-15 · Updated 2017-10-11 · CVE-2005-0095
CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions
Squid versions 2.5.STABLE7 and earlier
Description
The issue allows remote attackers to cause a denial of service (crash) by sending malformed WCCP messages. The messages carry a source address spoofed to match Squid's home router and contain invalid WCCP_I_SEE_YOU cache numbers.
Recommendations
Squid 2.5.STABLE7 and earlier are affected; update to a version later than 2.5.STABLE7 to resolve the issue. As a temporary workaround, restrict access to the WCCP message parsing code to minimize the risk of exploitation.
Affected Products
Red Hat
Squid
Squid Cache