Squid Proxy Set-Cookie Headers Information Disclosure Vulnerability

Bugtraq ID:	12716
Class:	Race Condition Error
CVE:	CVE-2005-0626
Remote:	Yes
Local:	No
Published:	Mar 03 2005 12:00AM
Updated:	Mar 07 2007 05:25AM
Credit:	This issue was reported by the vendor.
Vulnerable:	Ubuntu Ubuntu Linux 4.1 ppc Ubuntu Ubuntu Linux 4.1 ia64 Ubuntu Ubuntu Linux 4.1 ia32 Turbolinux Turbolinux Workstation 8.0 Turbolinux Turbolinux Workstation 7.0 Turbolinux Turbolinux Server 10.0 Turbolinux Turbolinux Server 8.0 Turbolinux Turbolinux Server 7.0 Turbolinux Appliance Server Workgroup Edition 1.0 Turbolinux Appliance Server Hosting Edition 1.0 Squid Web Proxy Cache 2.5 .STABLE9 + Debian Linux 3.1 sparc + Debian Linux 3.1 s/390 + Debian Linux 3.1 ppc + Debian Linux 3.1 mipsel + Debian Linux 3.1 mips + Debian Linux 3.1 m68k + Debian Linux 3.1 ia-64 + Debian Linux 3.1 ia-32 + Debian Linux 3.1 hppa + Debian Linux 3.1 arm + Debian Linux 3.1 amd64 + Debian Linux 3.1 alpha + Debian Linux 3.1 + MandrakeSoft Corporate Server 3.0 x86_64 + MandrakeSoft Corporate Server 3.0 + Mandriva Linux Mandrake 10.2 x86_64 + Mandriva Linux Mandrake 10.2 + Mandriva Linux Mandrake 10.1 x86_64 + Mandriva Linux Mandrake 10.1 + Mandriva Linux Mandrake 10.0 AMD64 + Mandriva Linux Mandrake 10.0 Squid Web Proxy Cache 2.5 .STABLE8 + Gentoo Linux + Red Hat Fedora Core3 + Red Hat Fedora Core2 + Ubuntu Ubuntu Linux 5.0 4 powerpc + Ubuntu Ubuntu Linux 5.0 4 i386 + Ubuntu Ubuntu Linux 5.0 4 amd64 Squid Web Proxy Cache 2.5 .STABLE7 + Conectiva Linux 10.0 + Conectiva Linux 9.0 + Gentoo Linux + Red Hat Fedora Core3 + Red Hat Fedora Core2 SGI ProPack 3.0 SP5 RedHat Linux 9.0 i386 RedHat Linux 7.3 i386 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux ES 3 RedHat Desktop 4.0 RedHat Desktop 3.0 Red Hat Fedora Core3 Red Hat Fedora Core2 Red Hat Fedora Core1 Red Hat Enterprise Linux AS 4 Red Hat Enterprise Linux AS 3 Conectiva Linux 10.0 Conectiva Linux 9.0

Not Vulnerable: