Loading
Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warnings.
Use Squid vendor hub and Squid product page to widen CVE-2005-0194 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2005-1711, CVE-2005-1519 and CVE-2009-0478 for nearby disclosures in the same product family.