CVE-2005-0173

2005-05-0200:00:00

ubuntu.com

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.011 Low

EPSS

Percentile

84.2%

JSON

squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users
to bypass username-based Access Control Lists (ACLs) via a username with a
space at the beginning or end, which is ignored by the LDAP server.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchsquid< 2.5.12-4ubuntu2.2UNKNOWN
ubuntu6.10noarchsquid< 2.6.1-3ubuntu1.3UNKNOWN
ubuntu7.04noarchsquid< 2.6.5-4ubuntu2UNKNOWN