CVE-2005-0194
EPSS 0.66%Published: 5/2/2005Modified: 4/28/2026
Description
Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warnings.
Affected packages (1)
- Debian/squidfrom 0, < 2.5.7-7