Lucene search
FreeBSD705E003A-7F36-11D8-9645-0020ED76EF5AHistoryFeb 29, 2004 - 12:00 a.m.
squid ACL bypass due to URL decoding bug
2004-02-2900:00:00
vuxml.freebsd.org
10
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.027 Low
EPSS
Percentile
90.6%
From the Squid advisory:
Squid versions 2.5.STABLE4 and earlier contain a bug
in the “%xx” URL decoding function. It may insert a NUL
character into decoded URLs, which may allow users to bypass
url_regex ACLs.
Related
nessus
nessus
Debian DSA-474-1 : squid - ACL bypass
2004-09-29 00:00:00
Mandrake Linux Security Advisory : squid (MDKSA-2004:025)
2004-07-31 00:00:00
RHEL 2.1 / 3 : squid (RHSA-2004:133)
2004-07-06 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200403-11 (Squid)
2008-09-24 00:00:00
FreeBSD Ports: squid
2008-09-04 00:00:00
FreeBSD Ports: squid
2008-09-04 00:00:00
securityvulns
securityvulns
MDKSA-2004:025 - Updated squid packages fix vulnerability
2004-04-01 00:00:00
gentoo
gentoo
Squid ACL [url_regex] bypass vulnerability
2004-03-30 00:00:00
osv
osv
squid - ACL bypass
2004-04-03 00:00:00
nvd
nvd
CVE-2004-0189
2004-03-15 05:00:00
cve
cve
CVE-2004-0189
2004-09-01 04:00:00
debiancve
debiancve
CVE-2004-0189
2004-09-01 04:00:00
redhat
redhat
(RHSA-2004:133) squid security update
2004-04-14 00:00:00
debian
debian
[SECURITY] [DSA 474-1] New squid packages fix ACL bypass
2004-04-04 06:09:37
cvelist
cvelist
CVE-2004-0189
2004-09-01 04:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.027 Low
EPSS
Percentile
90.6%
Related for 705E003A-7F36-11D8-9645-0020ED76EF5A