BID:12431

Squid Proxy squid_ldap_auth Authentication Bypass Vulnerability

Info

Squid Proxy squid_ldap_auth Authentication Bypass Vulnerability

Bugtraq ID:	12431
Class:	Input Validation Error
CVE:	CVE-2005-0173
Remote:	Yes
Local:	No
Published:	Feb 02 2005 12:00AM
Updated:	Feb 22 2007 01:06AM
Credit:	The individual or individuals responsible for the discovery of this issue are currently unknown; the vendor disclosed this issue.
Vulnerable:	SuSE Linux 8.1 SuSE Linux 8.0 i386 SuSE Linux 8.0 Squid Web Proxy Cache 2.5 .STABLE7 + Gentoo Linux + Redhat Fedora Core3 + Redhat Fedora Core2 Squid Web Proxy Cache 2.5 .STABLE6 + Mandriva Linux Mandrake 10.1 x86_64 + S.u.S.E. Linux Personal 9.2 x86_64 + S.u.S.E. Linux Personal 9.2 + Turbolinux Appliance Server 1.0 Workgroup Edition + Turbolinux Appliance Server 1.0 Hosting Edition + Turbolinux Appliance Server Hosting Edition 1.0 + Turbolinux Appliance Server Workgroup Edition 1.0 + Turbolinux Turbolinux Server 10.0 + Turbolinux Turbolinux Server 8.0 + Turbolinux Turbolinux Server 7.0 + Turbolinux Turbolinux Workstation 8.0 + Turbolinux Turbolinux Workstation 7.0 Squid Web Proxy Cache 2.5 .STABLE5 + S.u.S.E. Linux Personal 9.1 x86_64 + S.u.S.E. Linux Personal 9.1 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0 + Ubuntu Ubuntu Linux 4.1 ppc + Ubuntu Ubuntu Linux 4.1 ia64 + Ubuntu Ubuntu Linux 4.1 ia32 Squid Web Proxy Cache 2.5 .STABLE4 + MandrakeSoft Corporate Server 3.0 + Mandriva Linux Mandrake 10.0 AMD64 + Mandriva Linux Mandrake 10.0 + OpenPKG OpenPKG 2.0 + OpenPKG OpenPKG Current Squid Web Proxy Cache 2.5 .STABLE3 + Mandriva Linux Mandrake 9.2 amd64 + Mandriva Linux Mandrake 9.2 + OpenPKG OpenPKG 1.3 + Redhat Desktop 3.0 + Redhat Enterprise Linux AS 3 + Redhat Enterprise Linux ES 3 + Redhat Enterprise Linux WS 3 + Redhat Fedora Core1 + S.u.S.E. Linux Personal 9.0 x86_64 + S.u.S.E. Linux Personal 9.0 Squid Web Proxy Cache 2.5 .STABLE1 + Mandriva Linux Mandrake 9.1 ppc + Mandriva Linux Mandrake 9.1 + S.u.S.E. Linux Personal 8.2 Squid Web Proxy Cache 2.4 .STABLE7 + MandrakeSoft Corporate Server 2.1 x86_64 + MandrakeSoft Corporate Server 2.1 + MandrakeSoft Multi Network Firewall 2.0 + Redhat Enterprise Linux AS 2.1 IA64 + Redhat Enterprise Linux AS 2.1 + Redhat Enterprise Linux ES 2.1 IA64 + Redhat Enterprise Linux ES 2.1 + Redhat Enterprise Linux WS 2.1 IA64 + Redhat Enterprise Linux WS 2.1 + Redhat Linux Advanced Work Station 2.1 Squid Web Proxy Cache 2.4 .STABLE6 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 Squid Web Proxy Cache 2.4 .STABLE2 Squid Web Proxy Cache 2.4 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 Squid Web Proxy Cache 2.3 .STABLE5 Squid Web Proxy Cache 2.3 .STABLE4 Squid Web Proxy Cache 2.1 PATCH2 Squid Web Proxy Cache 2.0 PATCH2 SGI ProPack 3.0 S.u.S.E. Linux Personal 9.2 S.u.S.E. Linux Personal 9.1 S.u.S.E. Linux Personal 9.0 x86_64 S.u.S.E. Linux Personal 9.0 S.u.S.E. Linux Personal 8.2 Redhat Linux 9.0 i386 Redhat Linux 7.3 i386 Redhat Fedora Core2 Redhat Fedora Core1 Astaro Security Linux 4.0 17 Astaro Security Linux 4.0 16 Astaro Security Linux 4.0 08 Astaro Security Linux 3.217 Astaro Security Linux 3.2 16 Astaro Security Linux 3.2 15 Astaro Security Linux 3.2 12 Astaro Security Linux 3.2 11 Astaro Security Linux 3.2 10 Astaro Security Linux 3.2 00 Astaro Security Linux 2.0 30 Astaro Security Linux 2.0 27 Astaro Security Linux 2.0 26 Astaro Security Linux 2.0 25 Astaro Security Linux 2.0 24 Astaro Security Linux 2.0 23 Astaro Security Linux 2.0 16

Not Vulnerable:

Discussion

Squid Proxy squid_ldap_auth Authentication Bypass Vulnerability

Squid Proxy is reported prone to an authentication-bypass vulnerability. This issue seems to result from insufficient input validation.

The 'squid_ldap_auth' module is reported affected by this issue. A remote attacker may gain unauthorized access or gain elevated privileges from bypassing access controls.

Squid versions 2.5 and earlier are reported prone to this vulnerability.

Exploit / POC

Squid Proxy squid_ldap_auth Authentication Bypass Vulnerability

An exploit is not required to carry out this attack.

Solution / Fix

Squid Proxy squid_ldap_auth Authentication Bypass Vulnerability

Solution:
Please see the referenced vendor advisories for more information and fixes.

Squid Web Proxy Cache 2.4 .STABLE7

Mandrake squid-2.4.STABLE7-2.4.C21mdk.i586.rpm
Mandrake Corporate Server 2.1
http://www.mandrakesecure.net/en/ftp.php

Mandrake squid-2.4.STABLE7-2.4.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64
http://www.mandrakesecure.net/en/ftp.php

SuSE squid-2.4.STABLE7-288.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/squid-2.4.STABLE7 -288.i586.rpm

Squid Web Proxy Cache 2.4 .STABLE6

Debian squid-cgi_2.4.6-2woody6_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2 woody6_alpha.deb

Debian squid-cgi_2.4.6-2woody6_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2 woody6_arm.deb

Debian squid-cgi_2.4.6-2woody6_hppa.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2 woody6_hppa.deb

Debian squid-cgi_2.4.6-2woody6_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2 woody6_i386.deb

Debian squid-cgi_2.4.6-2woody6_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2 woody6_ia64.deb

Debian squid-cgi_2.4.6-2woody6_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2 woody6_m68k.deb

Debian squid-cgi_2.4.6-2woody6_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2 woody6_mips.deb

Debian squid-cgi_2.4.6-2woody6_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2 woody6_mipsel.deb

Debian squid-cgi_2.4.6-2woody6_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2 woody6_powerpc.deb

Debian squid-cgi_2.4.6-2woody6_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2 woody6_s390.deb

Debian squid-cgi_2.4.6-2woody6_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid-cgi_2.4.6-2 woody6_sparc.deb

Debian squid_2.4.6-2woody6_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2wood y6_alpha.deb

Debian squid_2.4.6-2woody6_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2wood y6_arm.deb

Debian squid_2.4.6-2woody6_hppa.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2wood y6_hppa.deb

Debian squid_2.4.6-2woody6_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2wood y6_i386.deb

Debian squid_2.4.6-2woody6_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2wood y6_ia64.deb

Debian squid_2.4.6-2woody6_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2wood y6_m68k.deb

Debian squid_2.4.6-2woody6_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2wood y6_mips.deb

Debian squid_2.4.6-2woody6_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2wood y6_mipsel.deb

Debian squid_2.4.6-2woody6_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2wood y6_powerpc.deb

Debian squid_2.4.6-2woody6_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2wood y6_s390.deb

Debian squid_2.4.6-2woody6_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squid_2.4.6-2wood y6_sparc.deb

Debian squidclient_2.4.6-2woody6_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6 -2woody6_alpha.deb

Debian squidclient_2.4.6-2woody6_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6 -2woody6_arm.deb

Debian squidclient_2.4.6-2woody6_hppa.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6 -2woody6_hppa.deb

Debian squidclient_2.4.6-2woody6_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6 -2woody6_i386.deb

Debian squidclient_2.4.6-2woody6_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6 -2woody6_ia64.deb

Debian squidclient_2.4.6-2woody6_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6 -2woody6_m68k.deb

Debian squidclient_2.4.6-2woody6_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6 -2woody6_mips.deb

Debian squidclient_2.4.6-2woody6_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6 -2woody6_mipsel.deb

Debian squidclient_2.4.6-2woody6_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6 -2woody6_powerpc.deb

Debian squidclient_2.4.6-2woody6_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6 -2woody6_s390.deb

Debian squidclient_2.4.6-2woody6_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/s/squid/squidclient_2.4.6 -2woody6_sparc.deb

RedHat squid-2.4.STABLE7-0.73.3.legacy.i386.rpm
Red Hat Linux 7.3:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/squid-2.4.STA BLE7-0.73.3.legacy.i386.rpm

Squid Web Proxy Cache 2.5 .STABLE4

Mandrake squid-2.5.STABLE4-2.4.100mdk.amd64.rpm
Mandrake Linux 10.0/AMD64
http://www.mandrakesecure.net/en/ftp.php

Mandrake squid-2.5.STABLE4-2.4.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php

Mandrake squid-2.5.STABLE4-2.4.C30mdk.i586.rpm
Mandrake Corporate Server 3.0
http://www.mandrakesecure.net/en/ftp.php

Mandrake squid-2.5.STABLE4-2.4.C30mdk.x86_64.rpm
Mandrake Corporate Server 3.0/x86_64
http://www.mandrakesecure.net/en/ftp.php

Squid Web Proxy Cache 2.5 .STABLE7

Squid squid-2.5.STABLE7-ldap_spaces.patch
http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-ldap _spaces.patch

Squid Web Proxy Cache 2.5 .STABLE6

Mandrake squid-2.5.STABLE6-2.3.101mdk.i586.rpm
Mandrake Linux 10.1
http://www.mandrakesecure.net/en/ftp.php

Mandrake squid-2.5.STABLE6-2.3.101mdk.x86_64.rpm
Mandrake Linux 10.1/x86_64
http://www.mandrakesecure.net/en/ftp.php

SuSE squid-2.5.STABLE6-6.4.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/squid-2.5.STABLE6 -6.4.i586.rpm

SuSE squid-2.5.STABLE6-6.4.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/squid-2.5.STA BLE6-6.4.x86_64.rpm

SuSE squid-2.5.STABLE6-6.6.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/squid-2.5.STABLE6 -6.6.i586.rpm

SuSE squid-2.5.STABLE6-6.6.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.2/rpm/x86_64/squid-2.5.STA BLE6-6.6.x86_64.rpm

TurboLinux squid-2.5.STABLE6-18.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/up dates/RPMS/squid-2.5.STABLE6-18.i586.rpm

TurboLinux squid-2.5.STABLE6-18.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/7/upd ates/RPMS/squid-2.5.STABLE6-18.i586.rpm

TurboLinux squid-2.5.STABLE6-18.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/8/upd ates/RPMS/squid-2.5.STABLE6-18.i586.rpm

TurboLinux squid-2.5.STABLE6-18.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 7/updates/RPMS/squid-2.5.STABLE6-18.i586.rpm

TurboLinux squid-2.5.STABLE6-18.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Workstation/ 8/updates/RPMS/squid-2.5.STABLE6-18.i586.rpm

TurboLinux squid-debug-2.5.STABLE6-18.i586.rpm
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/up dates/RPMS/squid-debug-2.5.STABLE6-18.i586.rpm

Squid Web Proxy Cache 2.5 .STABLE1

RedHat squid-2.5.STABLE1-9.10.legacy.i386.rpm
Red Hat Linux 9:
http://download.fedoralegacy.org/redhat/9/updates/i386/squid-2.5.STABL E1-9.10.legacy.i386.rpm

SuSE squid-2.5.STABLE1-104.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/squid-2.5.STABLE1 -104.i586.rpm

SuSE squid-2.5.STABLE1-106.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/squid-2.5.STABLE1 -106.i586.rpm

Squid Web Proxy Cache 2.5 .STABLE3

Mandrake squid-2.5.STABLE3-3.6.92mdk.amd64.rpm
Mandrake Linux 9.2/AMD64
http://www.mandrakesecure.net/en/ftp.php

Mandrake squid-2.5.STABLE3-3.6.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php

RedHat squid-2.5.STABLE3-2.fc1.6.legacy.i386.rpm
Fedora Core 1:
http://download.fedoralegacy.org/fedora/1/updates/i386/squid-2.5.STABL E3-2.fc1.6.legacy.i386.rpm

SuSE squid-2.5.STABLE3-116.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/squid-2.5.STABLE3 -116.i586.rpm

SuSE squid-2.5.STABLE3-116.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/squid-2.5.STA BLE3-116.x86_64.rpm

SuSE squid-2.5.STABLE3-118.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/squid-2.5.STABLE3 -118.i586.rpm

SuSE squid-2.5.STABLE3-118.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/squid-2.5.STA BLE3-118.x86_64.rpm

Squid Web Proxy Cache 2.5 .STABLE5

RedHat squid-2.5.STABLE9-1.FC2.4.legacy.i386.rpm
Fedora Core 2:
http://download.fedoralegacy.org/fedora/2/updates/i386/squid-2.5.STABL E9-1.FC2.4.legacy.i386.rpm

SuSE squid-2.5.STABLE5-42.24.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/squid-2.5.STABLE5 -42.24.i586.rpm

SuSE squid-2.5.STABLE5-42.24.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/squid-2.5.STA BLE5-42.24.x86_64.rpm

SuSE squid-2.5.STABLE5-42.27.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/squid-2.5.STABLE5 -42.27.i586.rpm

SuSE squid-2.5.STABLE5-42.27.x86_64.rpm
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/squid-2.5.STA BLE5-42.27.x86_64.rpm

Ubuntu squid-cgi_2.5.5-6ubuntu0.4_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.5. 5-6ubuntu0.4_amd64.deb

Ubuntu squid-cgi_2.5.5-6ubuntu0.4_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.5. 5-6ubuntu0.4_i386.deb

Ubuntu squid-cgi_2.5.5-6ubuntu0.4_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squid-cgi_2.5. 5-6ubuntu0.4_powerpc.deb

Ubuntu squid-common_2.5.5-6ubuntu0.4_all.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid-common_2.5.5 -6ubuntu0.4_all.deb

Ubuntu squid_2.5.5-6ubuntu0.4_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.5.5-6ubunt u0.4_amd64.deb

Ubuntu squid_2.5.5-6ubuntu0.4_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.5.5-6ubunt u0.4_i386.deb

Ubuntu squid_2.5.5-6ubuntu0.4_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.5.5-6ubunt u0.4_powerpc.deb

Ubuntu squidclient_2.5.5-6ubuntu0.4_amd64.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squidclient_2. 5.5-6ubuntu0.4_amd64.deb

Ubuntu squidclient_2.5.5-6ubuntu0.4_i386.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squidclient_2. 5.5-6ubuntu0.4_i386.deb

Ubuntu squidclient_2.5.5-6ubuntu0.4_powerpc.deb
Ubuntu 4.10 (Warty Warthog)
http://security.ubuntu.com/ubuntu/pool/universe/s/squid/squidclient_2. 5.5-6ubuntu0.4_powerpc.deb

SGI ProPack 3.0

SGI Patch10144
http://support.sgi.com/

References

Squid Proxy squid_ldap_auth Authentication Bypass Vulnerability

References:

RHSA-2005:061-19 - Updated Squid package fixes security issues (RedHat)
Sanity check usernames in squid_ldap_auth (Squid)
Squid Web Proxy Cache Homepage (Squid)
Up2Date 5.200 (Astaro)