The "%xx" URL decoding function in Squid 2.5STABLE4 and previous versions allows remote malicious users to bypass url_regex ACLs via a URL with a NULL ("%00") character, which causes Squid to use only a portion of the requested URL when comparing it against the access control lists.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
squid squid 2.1 patch2 |
||
squid squid 2.0 patch2 |
||
squid squid 2.5 stable3 |
||
squid squid 2.4 stable7 |
||
squid squid 2.3 stable5 |
||
squid squid 2.4 |
||
squid squid 2.5 stable4 |