Details of VAR-200505-0836

ID

VAR-200505-0836

CVE

CVE-2005-1711

TITLE

Gibraltar Firewall Antivirus Scan Avoidance Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200505-1157

DESCRIPTION

Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses from being detected. Gibraltar is susceptible to an antivirus scan evasion vulnerability. This issue presents itself because of an oversight in the design of the firewall product, due to a change of features of the ClamAV antivirus scanning engine. This vulnerability allows malicious content to pass undetected by an affected firewall acting as an HTTP proxy, leading to a false sense of security

Trust: 1.26

sources: NVD: CVE-2005-1711 // BID: 13713 // VULHUB: VHN-12920

AFFECTED PRODUCTS

vendor:	squid	model:	squid	scope:	eq	version:	2.6.stable1	Trust: 1.6
vendor:	gibraltar	model:	firewall	scope:	eq	version:	2.2	Trust: 1.3
vendor:	clam anti virus	model:	clamav	scope:	eq	version:	0.90.2	Trust: 1.0
vendor:	gibraltar	model:	firewall a	scope:	ne	version:	2.2	Trust: 0.3

sources: BID: 13713 // CNNVD: CNNVD-200505-1157 // NVD: CVE-2005-1711

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-1711
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200505-1157
value:	HIGH
Trust: 0.6
VULHUB:	VHN-12920
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2005-1711
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-12920
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-12920 // CNNVD: CNNVD-200505-1157 // NVD: CVE-2005-1711

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-1711

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200505-1157

TYPE

Design Error

Trust: 0.9

sources: BID: 13713 // CNNVD: CNNVD-200505-1157

EXTERNAL IDS

db:	NVD	id:	CVE-2005-1711	Trust: 2.0
db:	SECTRACK	id:	1014030	Trust: 1.7
db:	CNNVD	id:	CNNVD-200505-1157	Trust: 0.7
db:	BID	id:	13713	Trust: 0.4
db:	VULHUB	id:	VHN-12920	Trust: 0.1

sources: VULHUB: VHN-12920 // BID: 13713 // CNNVD: CNNVD-200505-1157 // NVD: CVE-2005-1711

REFERENCES

url:	http://securitytracker.com/id?1014030	Trust: 1.7
url:	http://gibraltar.at/changes.php?onlylastversion=1&htmloutput=1&to=2.2a	Trust: 0.3
url:	http://gibraltar.at/	Trust: 0.3

sources: VULHUB: VHN-12920 // BID: 13713 // CNNVD: CNNVD-200505-1157 // NVD: CVE-2005-1711

CREDITS

Gibraltar

Trust: 0.6

sources: CNNVD: CNNVD-200505-1157

SOURCES

db:	VULHUB	id:	VHN-12920
db:	BID	id:	13713
db:	CNNVD	id:	CNNVD-200505-1157
db:	NVD	id:	CVE-2005-1711

LAST UPDATE DATE

2024-08-14T14:42:14.743000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-12920	date:	2008-09-05T00:00:00
db:	BID	id:	13713	date:	2009-07-12T14:56:00
db:	CNNVD	id:	CNNVD-200505-1157	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2005-1711	date:	2008-09-05T20:49:52.247

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-12920	date:	2005-05-24T00:00:00
db:	BID	id:	13713	date:	2005-05-23T00:00:00
db:	CNNVD	id:	CNNVD-200505-1157	date:	2005-05-24T00:00:00
db:	NVD	id:	CVE-2005-1711	date:	2005-05-24T04:00:00