Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

Ubuntu: Squid vulnerabilities

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) Ubuntu: Squid vulnerabilities
# 1  
Old 02-16-2010
Ubuntu: Squid vulnerabilities
LinuxSecurity.com: It was discovered that Squid incorrectly handled certain auth headers. A remote attacker could exploit this with a specially-crafted auth header and cause Squid to go into an infinite loop, resulting in a denial of service. This issue only affected Ubuntu 8.10, 9.04 and 9.10. (CVE-2009-2855) It was discovered that Squid incorrectly handled certain DNS packets. A remote attacker could exploit this with a specially-crafted DNS packet and cause Squid to crash, resulting in a denial of service. (CVE-2010-0308)

More...
Login or Register to Ask a Question

Previous Thread | Next Thread

1 More Discussions You Might Find Interesting

1. Ubuntu

How do you setup 2 nic cards for squid Ubuntu server?

I have a made my squid proxy, I now have add another nic card to an old CPU using Ubuntu server 12.04. I have seen another post similar however I am new and did not understand some of it. Something about redirecting IP address and IP table? I don't know how to do this.:confused: (9 Replies)
Discussion started by: trilju2005
9 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

cachemgr.cgi

cachemgr.cgi(8) 					      System Manager's Manual						   cachemgr.cgi(8)

NAME

       cachemgr.cgi - squid HTTP proxy manager interface

SYNOPSIS

       http://your.server/cgi-bin/cachemgr.cgi

DESCRIPTION

       The  cache  manager (cachemgr.cgi) is a CGI utility for displaying statistics about the Squid HTTP proxy process as it runs. The cache man-
       ager is a convenient way to manage the cache and view statistics without logging into the server.

FILES

       ./cachemgr.conf
       @DEFAULT_CACHEMGR_CONFIG@
	      The access configuration file defining which Squid servers may be managed via this  cachemgr.cgi	program.  Each	line  specifies  a
	      server:port followed by an optional description

	      The  server  name  may  contain  shell wildcard characters such as *, [] etc.  A quick selection dropdown menu is automatically con-
	      structed from the simple server names.

	      Specifying :port is optional. If not specified then the default proxy port is assumed. :* or :any matches any  port  on  the  target
	      server.

SECURITY

       cachemgr.cgi calls the requested server on the requested port using HTTP and returns a formatted version of the response. To avoid abuse it
       is recommended to configure your web server to restrict access to the cachemgr.cgi program.

       Configuration examples for many common web servers can be found in the Squid FAQ.

SEE ALSO

       squid(8)
       The Squid FAQ, Chapter 9 The Cache Manager

							      Squid Web Proxy 3.1.20						   cachemgr.cgi(8)