The "%xx" URL decoding function in Squid 2.5STABLE4 and previous versions allows remote malicious users to bypass url_regex ACLs via a URL with a NULL ("%00") character, which causes Squid to use only a portion of the requested URL when comparing it against the access control lists.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
squid squid 2.4_stable7 |
||
squid squid 2.5_stable3 |
||
squid squid 2.0_patch2 |
||
squid squid 2.1_patch2 |
||
squid squid 2.3_stable5 |
||
squid squid 2.4 |
||
squid squid 2.5_stable4 |