CVE-2005-0626

Publication date 8 March 2005

Last updated 17 July 2025

Ubuntu priority

Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows attackers to steal the related cookies.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
squid	7.04 feisty	Not affected
	6.10 edgy	Not affected
	6.06 LTS dapper	Not affected

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-93-1
Squid vulnerability
8 March 2005

Other references

https://www.cve.org/CVERecord?id=CVE-2005-0626