Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2004-0189

Disclosure Date: March 15, 2004 (last updated June 05, 2020)
The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass url_regex ACLs via a URL with a NULL ("%00") character, which causes Squid to use only a portion of the requested URL when comparing it against the access control lists.
0