Loading
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters that are not part of a CRLF pair, and (3) header names containing whitespace characters.
Use Squid vendor hub and Squid product page to widen CVE-2005-0174 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2005-1711, CVE-2005-1519 and CVE-2009-0478 for nearby disclosures in the same product family.