CVE-2005-0173

EPSS 1.7%

squid - several

發布日:2005/5/2修改日:2026/4/28

也稱為:DEBIAN-CVE-2005-0173

描述

squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.

受影響套件(2)

Debian/squidfrom 0, < 2.5.7-4
Debian/squidfrom 0, < 2.4.6-2woody6

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-0173