Bugtraq mailing list archives
[squid] external authentication security issue
From: oec () CODEBLAU DE (Oezguer Kesim)
Date: Mon, 25 Oct 1999 20:30:36 +0200
Holla,

two weeks ago I found a security bug in squid, a web proxy cache, freely available at http://squid.nlanr.net/

Here you find the short Buglog-entry as shown at http://squid.nlanr.net/Versions/v2/2.2/bugs/

Please note that the bug applies whenever an external authenticator is used.

cheers,
Oezguer Kesim
oec () codeblau de

Newlines in passwords confuses the authenticator program
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Platforms: All

Versions: 2.2.STABLE5 and earlier

Synopsis: After decoding the base64 encoded "user:password" pair given by the client, squid doesn't strip out any '\n' or '\r' found in the resulting string. Given such a string, any external authenticator will receive two lines instead of one, and most probably send two results. Now, any subsequent authentication exchange will have its answer shifted by one. Therefore, a malicious user can gain access to sites he or she should not have access to.

Reported by: Oezguer Kesim (oec () codeblau de)

Patch: http://squid.nlanr.net/Versions/v2/2.2/bugs/
       squid-2.2.stable5-newlines_in_auth.patch

Status: Fixed in 2.3 branch.
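Added example, not part of the original post and not Squid's code or its patch: one way to check the decoded "user:password" pair before it is written to a line-oriented helper, so that one client request can only ever produce one helper line. The function names and the "user password" line format of the helper are assumptions.

```c
/* Added example; build_helper_line and b64decode are hypothetical names,
 * not Squid's. Assumes a helper that reads one "user password" line. */
#include <stdio.h>
#include <string.h>

static const char B64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
/* Decode base64 into out (NUL-terminated); returns length, -1 on bad input. */
static int b64decode(const char *in, char *out, size_t outsz) {
    unsigned acc = 0; int bits = 0; size_t n = 0;
    for (; *in && *in != '='; in++) {
        const char *p = strchr(B64, *in);
        if (p == NULL) return -1;
        acc = (acc << 6) | (unsigned)(p - B64); bits += 6;
        if (bits < 8) continue;
        bits -= 8;
        if (n + 1 >= outsz) return -1;           /* output would overflow */
        out[n++] = (char)((acc >> bits) & 0xFF);
    }
    for (; *in; in++) if (*in != '=') return -1; /* only padding may follow */
    out[n] = '\0';
    return (int)n;
}

/* Returns 1 and fills line with "user password\n" when the credentials fit
 * in exactly one helper request; returns 0 (reject the request) otherwise. */
int build_helper_line(const char *b64, char *line, size_t linesz) {
    char cred[256];
    int len = b64decode(b64, cred, sizeof cred);
    if (len <= 0) return 0;
    /* Reject CR, LF, embedded NUL and every other control byte. */
    for (int i = 0; i < len; i++)
        if ((unsigned char)cred[i] < 0x20 || cred[i] == 0x7f) return 0;
    char *colon = strchr(cred, ':');
    if (colon == NULL || colon == cred) return 0; /* no separator or empty user */
    *colon = '\0';
    if (strchr(cred, ' ')) return 0;  /* space is the assumed field separator */
    int w = snprintf(line, linesz, "%s %s\n", cred, colon + 1);
    return w > 0 && (size_t)w < linesz;
}

int main(void) {
    char line[64];
    /* Constructed inputs: "alice:secret" and "bob:a\n" (LF in the password). */
    const char *s[] = { "YWxpY2U6c2VjcmV0", "Ym9iOmEK" };
    for (int i = 0; i < 2; i++)
        printf("%s -> %d\n", s[i], build_helper_line(s[i], line, sizeof line));
    return 0;
}
```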