Описание
squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 2.5.12-4ubuntu2.2 |
| devel | released | 2.6.5-4ubuntu2 |
| edgy | released | 2.6.1-3ubuntu1.3 |
| feisty | released | 2.6.5-4ubuntu2 |
| upstream | needs-triage |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.
squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.
squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated u ...
squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server.
EPSS
7.5 High
CVSS2