PublicDate: 2005-02-07 05:00:00 UTC
Candidate: CVE-2005-0174
References:
 https://ubuntu.com/security/notices/USN-77-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0174
Description:
 Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or
 conduct certain attacks via headers that do not follow the HTTP
 specification, including (1) multiple Content-Length headers, (2) carriage
 return (CR) characters that are not part of a CRLF pair, and (3) header
 names containing whitespace characters.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_squid: released (2.5.12-4ubuntu2.2)
edgy_squid: released (2.6.1-3ubuntu1.3)
feisty_squid: released (2.6.5-4ubuntu2)
devel_squid: released (2.6.5-4ubuntu2)
upstream_squid: needs-triage