FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

squid -- no sanity check of usernames in squid_ldap_auth

Affected packages
squid < 2.5.7_7

Details

VuXML ID 7a921e9e-68b1-11d9-9e1e-c296ac722cb3
Discovery 2005-01-10
Entry 2005-01-19
Modified 2005-02-08

The LDAP authentication helper did not strip leading or trailing spaces from the login name. According to the squid patches page:

LDAP is very forgiving about spaces in search filters and this could be abused to log in using several variants of the login name, possibly bypassing explicit access controls or confusing accounting.
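The mismatch described above, as an added example that is not Squid's code: an access rule keyed on the literal login string misses a space-padded variant unless the name is canonicalised first. The functions `canonical_login`, `acl_denies` and `check_login` and the deny-list entry `guest` are hypothetical and constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Strip leading/trailing whitespace in place; returns the canonical length.
 * Hypothetical helper, not Squid's own function. */
size_t canonical_login(char *login)
{
    size_t start = 0, end = strlen(login);
    while (start < end && isspace((unsigned char)login[start]))
        start++;
    while (end > start && isspace((unsigned char)login[end - 1]))
        end--;
    memmove(login, login + start, end - start);
    login[end - start] = '\0';
    return end - start;
}

/* Exact-match deny list, standing in for an access rule keyed on the
 * literal login string. Returns 1 if the login is denied. */
int acl_denies(const char *login, const char *const *denied, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (strcmp(login, denied[i]) == 0)
            return 1;
    return 0;
}

/* Evaluate a login as received, then in canonical form. Bit 0 = raw string
 * denied, bit 1 = canonical form denied. A result of 2 marks a variant that
 * slips past the exact-match rule. */
int check_login(const char *raw)
{
    static const char *const denied[] = { "guest" };  /* constructed sample */
    char buf[64];
    snprintf(buf, sizeof buf, "%s", raw);
    int raw_hit = acl_denies(buf, denied, 1);
    canonical_login(buf);
    return raw_hit | (acl_denies(buf, denied, 1) << 1);
}

int main(void)
{
    const char *samples[] = { "guest", " guest", "guest ", "alice" };
    for (size_t i = 0; i < 4; i++)
        printf("[%s] -> %d\n", samples[i], check_login(samples[i]));
    return 0;
}
```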

Workaround: Block logins with spaces

	    # Deny any login name that contains whitespace ([[:space:]] is the POSIX class)
	    acl login_with_spaces proxy_auth_regex [[:space:]]
	    http_access deny login_with_spaces

References

CERT/CC Vulnerability Note 924198
CVE Name CVE-2005-0173
URL http://www.squid-cache.org/bugs/show_bug.cgi?id=1187
URL http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-ldap_spaces