CVE-2005-0173

Description

squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.

Software From Fixed in
squid / squid 2.0.patch1 2.0.patch1.x
squid / squid 2.0.patch2 2.0.patch2.x
squid / squid 2.0.pre1 2.0.pre1.x
squid / squid 2.0.release 2.0.release.x
squid / squid 2.1.patch1 2.1.patch1.x
squid / squid 2.1.patch2 2.1.patch2.x
squid / squid 2.1.pre1 2.1.pre1.x
squid / squid 2.1.pre3 2.1.pre3.x
squid / squid 2.1.pre4 2.1.pre4.x
squid / squid 2.1.release 2.1.release.x
squid / squid 2.2.devel3 2.2.devel3.x
squid / squid 2.2.devel4 2.2.devel4.x
squid / squid 2.2.pre1 2.2.pre1.x
squid / squid 2.2.pre2 2.2.pre2.x
squid / squid 2.2.stable1 2.2.stable1.x
squid / squid 2.2.stable2 2.2.stable2.x
squid / squid 2.2.stable3 2.2.stable3.x
squid / squid 2.2.stable4 2.2.stable4.x
squid / squid 2.2.stable5 2.2.stable5.x
squid / squid 2.3.devel2 2.3.devel2.x
squid / squid 2.3.devel3 2.3.devel3.x
squid / squid 2.3.stable1 2.3.stable1.x
squid / squid 2.3.stable2 2.3.stable2.x
squid / squid 2.3.stable3 2.3.stable3.x
squid / squid 2.3.stable4 2.3.stable4.x
squid / squid 2.3.stable5 2.3.stable5.x
squid / squid 2.4.stable1 2.4.stable1.x
squid / squid 2.4.stable2 2.4.stable2.x
squid / squid 2.4.stable3 2.4.stable3.x
squid / squid 2.4.stable4 2.4.stable4.x
squid / squid 2.4.stable6 2.4.stable6.x
squid / squid 2.4.stable7 2.4.stable7.x
squid / squid 2.5.stable1 2.5.stable1.x
squid / squid 2.5.stable2 2.5.stable2.x
squid / squid 2.5.stable3 2.5.stable3.x
squid / squid 2.5.stable4 2.5.stable4.x
squid / squid 2.5.stable5 2.5.stable5.x
squid / squid 2.5.stable6 2.5.stable6.x