June 28, 2002

Squid vulnerability: Insecure forwarding of proxy_auth

LinuxSecurity Contributors writes "Vendors have not issued updates yet for a vulnerability just reported by the Squid Project. "Under some conditions Squid may forward the proxy authentication credentails. This can happen if you normally require your users to log in to use the proxy, but allow some sites to be reached without needing to log in." LinuxSecurity has the report"


  • Security
Click Here!