Squid » Squid Web Proxy : Security Vulnerabilities, CVEs,
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
Max CVSS
7.5
EPSS Score
0.29%
Published
2001-07-18
Updated
2017-10-10
Squid proxy server 2.4 and earlier allows remote attackers to cause a denial of service (crash) via a mkdir-only FTP PUT request.
Max CVSS
5.0
EPSS Score
6.73%
Published
2001-12-06
Updated
2017-10-10
2 vulnerabilities found