CVE-2005-0194

CVE-2005-0194 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warnings.

Learn more about our Web Application Penetration Testing UK.