CVE-2005-0241
Publication date 2 May 2005
Last updated 17 July 2025
Ubuntu priority
The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling “oversized” HTTP reply headers, which might allow remote attackers to poison the cache or bypass access controls based on header size.
Status
Package | Ubuntu Release | Status |
---|---|---|
squid | 7.04 feisty |
Not affected
|
6.10 edgy |
Not affected
|
|
6.06 LTS dapper |
Not affected
|