CVE-2002-2175 Information

Description

phpSquidPass before 0.2 uses an incomplete regular expression to find a matching username in its database which allows remote authenticated attackers to effectively delete other usernames via a short username that matches the end of the targeted username.

Reference

http://marc.info/?l=bugtraq&m=102508071021631&w=2 http://sourceforge.net/forum/forum.php?forum_id=188359 http://www.iss.net/security_center/static/9417.php http://www.securityfocus.com/bid/5090