PT-1998-1182 · Squid · Squid Internet Object Cache

Published

1998-02-20

Updated

2017-12-19

CVE-1999-1273

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Squid Internet Object Cache version 1.1.20

Description The issue allows users to bypass access control lists (ACLs) by encoding the URL with hexadecimal escape sequences.

Recommendations For Squid Internet Object Cache version 1.1.20, consider updating to a newer version that addresses this issue, as the current version allows users to bypass access control lists. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1273

Affected Products

Squid Internet Object Cache

PT-1998-1182 · Squid · Squid Internet Object Cache

CVE-1999-1273

Related Identifiers

Affected Products

References · 3