====[ SYNOPSIS ]=====================================================
VideoCache is a Squid URL rewriter plugin written in Python for
bandwidth optimization while browsing video sharing websites. Version
1.9.2 allows a user with the privileges of the Squid proxy server to
append semi-arbitrary data to arbitrary files with root privileges, upon
the administrator's execution of the 'vccleaner' utility.
====[ DISCUSSION ]===================================================
Problem Description:
A stack-based buffer overflow in sarg (Squid Analysis Report Generator)
allowed remote attackers to execute arbitrary code via a long Squid
proxy server User-Agent header (CVE-2008-1167).
A cross-site scripting vulnerability in sarg version 2.x prior to
2.2.5 allowed remote attackers to inject arbitrary web script or
HTML via the User-Agent header, which is not properly handled when
displaying the Squid proxy log (CVE-2008-1168).
__________________________________________________________________
Squid Proxy Cache Security Update Advisory SQUID-2009:1
__________________________________________________________________
Advisory ID: SQUID-2009:1
Date: February 02, 2009
Summary: Denial of service in request processing
Affected versions: Squid 2.7 -> 2.7.STABLE5,
Squid 3.0 -> 3.0.STABLE12,
& AMG-2000 Manual v2.0, Jun-13-2007
Vulnerability overview:
-----------------------
AMG-2000 uses an internal Squid proxy to restrict access to the wireless LAN
or Internet, e.g. by supplying a username/password on the portal site (depends
on how the system is configured, e.g. on-demand "guest" users or
authentication via RADIUS, LDAP or NT domain). This built-in proxy is
misconfigured, which leads to the following vulnerability:
__________________________________________________________________
Squid Proxy Cache Security Update Advisory SQUID-2007:2
__________________________________________________________________
Advisory ID: SQUID-2007:2
Date: November 27, 2007
Summary: Denial of service in cache updates
Affected versions: Squid 2.X (2.0 -> 2.6.STABLE16); Squid-3.
The access.log has to be manually created to trigger the exploit,
as squid will not allow malformed HTTP methods.
The useragent log is more critical, as this vulnerability can be
exploited by just passing the useragent string within a request
to the squid proxy.
------------
PoC/Exploit:
------------