3 matches found
DEBIAN-CVE-2005-0194
Squid 2.5, when processing the configuration file, parses empty Access Control Lists ACLs, including proxyauth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warning...
DEBIAN-CVE-2005-0175
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack...
DEBIAN-CVE-2005-0094
Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service crash via crafted responses...