CVE-2005-0194

2005-05-02T04:00:00
ID CVE-2005-0194
Type cve
Reporter cve@mitre.org
Modified 2016-10-18T03:08:00

Description

Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warnings.