It's posted at LWN.net: "Paul Nasrat has discovered a bug in squid's httpd_accel mode that
allows users to use squid as a portscanner similar to ftp bounce
scanning because squid does not properly use ACLs in the config file.
Paul conjectures it may be possible to pass data through the squid
proxy to communicate in a meaningful fashion, possibly bypassing
network security settings."
July 19, 2001