Squid prior to 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows malicious users to bypass the ACLs and conduct unauthorized activities such as port scanning.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
immunix immunix 7.0_beta |
||
mandrakesoft mandrake single network firewall 7.2 |
||
immunix immunix 6.2 |
||
immunix immunix 7.0 |
||
squid squid web proxy 2.3stable3 |
||
squid squid web proxy 2.3stable4 |
||
caldera openlinux server 3.1 |
||
redhat linux 7.0 |
||
trustix secure linux 1.01 |
||
mandrakesoft mandrake linux 7.2 |
||
mandrakesoft mandrake linux 8.0 |
||
mandrakesoft mandrake linux corporate server 1.0.1 |
||
trustix secure linux 1.1 |
||
trustix secure linux 1.2 |
||
mandrakesoft mandrake linux 7.1 |