CVE-2005-0194
EPSS 0.66%發布日:2005/5/2修改日:2026/4/28
描述
Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warnings.
受影響套件(1)
- Debian/squidfrom 0, < 2.5.7-7