CVE Vulnerabilities

CVE-2005-0626

Published: Mar 08, 2005 | Modified: Oct 03, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.6 LOW
AV:N/AC:H/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows attackers to steal the related cookies.

Affected Software

Name Vendor Start Version End Version
Squid Squid 2.5.stable5 2.5.stable5
Squid Squid 2.5.stable6 2.5.stable6
Squid Squid 2.5.stable7 2.5.stable7

References