Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Squid_web_proxy | Squid | 2.3stable3 | 2.3stable3 |
Immunix | Immunix | 7.0 | 7.0 |
Immunix | Immunix | 6.2 | 6.2 |
Immunix | Immunix | 7.0_beta | 7.0_beta |
Squid_web_proxy | Squid | 2.3stable4 | 2.3stable4 |
Mandrake_single_network_firewall | Mandrakesoft | 7.2 | 7.2 |
Openlinux_server | Caldera | 3.1 | 3.1 |