oss-sec mailing list archives

Re: Squid Proxy multiple vulnerabilities

From: 面和毅 <ka-omo () sios com>
Date: Mon, 29 Oct 2018 08:35:17 +0900

Hi,

It looks like links are working fine now.

http://www.squid-cache.org/Advisories/SQUID-2018_4.txt
http://www.squid-cache.org/Advisories/SQUID-2018_5.txt

OMO
2018年10月29日(月) 2:22 Hanno Böck <hanno () hboeck de>:


On Mon, 29 Oct 2018 05:13:40 +1300
Amos Jeffries <squid3 () treenet co nz> wrote:

<http://www.squid-cache.org/Advisories/SQUID-2018_4.txt>


That gives a 404.

Also there's another yet unfixed vulnerability: The webpage and the
downloads are not using HTTPS, which makes them vulnerable to
man-in-the-middle attacks ;-)

--
Hanno Böck
https://hboeck.de/

mail/jabber: hanno () hboeck de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42




-- 
Kazuki Omo: ka-omo () sios com

OSS&Security Evangelist
Senior Architect
Vice President & Deputy Group Manager
Research and Development Dept. 2
CISSP #366942
Tel: +819026581386

Current thread:

Squid Proxy multiple vulnerabilities Amos Jeffries (Oct 28)
- Re: Squid Proxy multiple vulnerabilities Amos Jeffries (Oct 28)
- Re: Squid Proxy multiple vulnerabilities Hanno Böck (Oct 28)
  - Re: Squid Proxy multiple vulnerabilities Amos Jeffries (Oct 29)
  - Re: Squid Proxy multiple vulnerabilities 面和毅 (Oct 29)
- Re: Squid Proxy multiple vulnerabilities Karol Babioch (Oct 31)
  - Re: Squid Proxy multiple vulnerabilities Karol Babioch (Nov 09)