CVE-2004-2479 - Tensile Crystal

Description

Squid Web Proxy Cache 2.5 might allow remote attackers to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail which results in references to previously used error messages.

Reference

http://www.squid-cache.org/bugs/show_bug.cgi?id=1143 http://www.securityfocus.com/bid/11865 http://securitytracker.com/id?1012466 http://secunia.com/advisories/13408 http://www.redhat.com/support/errata/RHSA-2005-766.html http://fedoranews.org/updates/FEDORA–.shtml http://secunia.com/advisories/16977 http://www.osvdb.org/12282 https://exchange.xforce.ibmcloud.com/vulnerabilities/18406 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9711