CVE-2012-2213
CVE-2012-2213 affects Squid 3.1.9. The issue allows remote attackers to bypass access control for the CONNECT method by supplying an arbitrary hostname in the Host HTTP header, enabling potential access to blocked sites via SSL. The core cause is host header-based ACL evaluation in the CONNECT ha...