oval:org.mitre.oval:def:877

Definition Id: oval:org.mitre.oval:def:877

Oval ID:	oval:org.mitre.oval:def:877
Title:	Red Hat Squid ACL Bypass Vulnerability
Description:	The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass url_regex ACLs via a URL with a NULL ("%00") characterm, which causes Squid to use only a portion of the requested URL when comparing it against the access control lists.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0189	Version:	4
Platform(s):	Red Hat Linux 9	Product(s):
Definition Synopsis:
Software section Red Hat 9 is installed AND ix86 architecture AND squid version is less than 2.5STABLE1-3.9 AND Configuration section squid is listening on the network