CVE-2005-1345

NONE EPSS 74.8%
Published May 2, 200521y ago · Modified Jun 16, 20262w ago
Find Similar
Published May 2, 2005 21y ago
Last Modified Jun 16, 2026 2w ago

Description

Squid 2.5.STABLE9 and earlier does not trigger a fatal error when it identifies missing or invalid ACLs in the http_access configuration, which could lead to less restrictive ACLs than intended by the administrator.

Threat Intelligence

EPSS Exploit Probability
74.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 9

VendorProductVersionRange
squidsquid2.5.stable1any
squidsquid2.5.stable2any
squidsquid2.5.stable3any
squidsquid2.5.stable4any
squidsquid2.5.stable5any
squidsquid2.5.stable6any
squidsquid2.5.stable7any
squidsquid2.5.stable8any
squidsquid2.5.stable9any

References 7

  • distro.conectiva.com.br http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000948
  • fedoranews.org http://fedoranews.org/updates/FEDORA--.shtml
  • debian.org http://www.debian.org/security/2005/dsa-721
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-415.html
  • squid-cache.org http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-acl_error
    Patch
  • squid-cache.org http://www.squid-cache.org/bugs/show_bug.cgi?id=1255
  • oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10513

Remediation

  • squid-cache.org http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-acl_error
    Patch