logo
DATABASE RESOURCES PRICING ABOUT US

Authorization Bypass

Description

squid is vulnerable to authorization bypass. When handling a URN request, the corresponding HTTP request that is made does not go through the access checks, allowing an attacker to bypass access checks and gain access to restricted HTTP servers such as HTTP servers listening on localhost.


Affected Software


CPE Name Name Version
squid3:bionic 3.5.27-1ubuntu1
squid3:xenial 3.5.12-1ubuntu7
squid:eoan 4.8-1ubuntu2
squid3:stretch 3.5.23-5+deb9u1
squid3:bionic 3.5.27-1ubuntu1
squid3:xenial 3.5.12-1ubuntu7
squid:eoan 4.8-1ubuntu2
squid3:stretch 3.5.23-5+deb9u1

Related