PublicDate: 2005-05-02 04:00:00 UTC
Candidate: CVE-2005-0194
References:
 https://ubuntu.com/security/notices/USN-84-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0194
Description:
 Squid 2.5, when processing the configuration file, parses empty Access
 Control Lists (ACLs), including proxy_auth ACLs without defined auth
 schemes, in a way that effectively removes arguments, which could allow
 remote attackers to bypass intended ACLs if the administrator ignores the
 parser warnings.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_squid: released (2.5.12-4ubuntu2.2)
edgy_squid: released (2.6.1-3ubuntu1.3)
feisty_squid: released (2.6.5-4ubuntu2)
devel_squid: released (2.6.5-4ubuntu2)
upstream_squid: needs-triage