CVE-2004-0189

2004-09-0104:00:00

[email protected]

web.nvd.nist.gov

cve-2004-0189

squid

url decoding

remote attack

security bypass

access control lists

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.2 Medium

AI Score

Confidence

Low

0.027 Low

EPSS

Percentile

90.6%

JSON

The “%xx” URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass url_regex ACLs via a URL with a NULL (“%00”) character, which causes Squid to use only a portion of the requested URL when comparing it against the access control lists.

Affected configurations

NVD

Node

squidsquidMatch2.0_patch2

squidsquidMatch2.1_patch2

squidsquidMatch2.3_stable5

squidsquidMatch2.4

squidsquidMatch2.4_stable7

squidsquidMatch2.5_stable3

squidsquidMatch2.5_stable4

CPENameOperatorVersion
squid:squidsquideq2.0_patch2
squid:squidsquideq2.1_patch2
squid:squidsquideq2.3_stable5
squid:squidsquideq2.4
squid:squidsquideq2.4_stable7
squid:squidsquideq2.5_stable3
squid:squidsquideq2.5_stable4

CPE	Name	Operator	Version
squid:squid	squid	eq	2.0_patch2
squid:squid	squid	eq	2.1_patch2
squid:squid	squid	eq	2.3_stable5
squid:squid	squid	eq	2.4
squid:squid	squid	eq	2.4_stable7
squid:squid	squid	eq	2.5_stable3
squid:squid	squid	eq	2.5_stable4