CVE-2005-1345

EPSS 0.19%

squid - design flaw

Published: 5/2/2005Modified: 4/28/2026

Description

Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator.

Affected packages (2)

Debian/squidfrom 0, < 2.5.9-7
Debian/squidfrom 0, < 2.4.6-2woody8

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-1345