CVE-2005-0173

Publication date 2 May 2005

Last updated 24 July 2024

Ubuntu priority

squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
squid	7.04 feisty	Fixed 2.6.5-4ubuntu2
	6.10 edgy	Fixed 2.6.1-3ubuntu1.3
	6.06 LTS dapper	Fixed 2.5.12-4ubuntu2.2

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-77-1
Squid vulnerabilities
8 February 2005

Other references

https://www.cve.org/CVERecord?id=CVE-2005-0173