CVE-2005-1345
NONE EPSS 74.8%
Published May 2, 200521y ago · Modified Jun 16, 20262w ago
Published May 2, 2005 21y ago
Last Modified Jun 16, 2026 2w ago
Description
Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator.
Threat Intelligence
EPSS Exploit Probability
74.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 9
References 7
- distro.conectiva.com.br http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000948
- fedoranews.org http://fedoranews.org/updates/FEDORA--.shtml
- debian.org http://www.debian.org/security/2005/dsa-721
- redhat.com http://www.redhat.com/support/errata/RHSA-2005-415.html
- squid-cache.org http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-acl_error
- squid-cache.org http://www.squid-cache.org/bugs/show_bug.cgi?id=1255
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10513
Remediation
- squid-cache.org http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-acl_error