|
|
Subscribe / Log in / New account

squid: security bypass

Package(s):squid3 CVE #(s):CVE-2015-5400
Created:July 30, 2015 Updated:September 9, 2015
Description: From the Debian LTS advisory:

Alex Rousskov discovered that Squid configured with cache_peer and operating on explicit proxy traffic does not correctly handle CONNECT method peer responses. In some configurations, it allows remote clients to bypass security in an explicit gateway proxy.

Alerts:
SUSE SUSE-SU-2016:2089-1 squid3 2016-08-16
openSUSE openSUSE-SU-2016:2081-1 squid 2016-08-16
SUSE SUSE-SU-2016:1996-1 squid3 2016-08-09
Fedora FEDORA-2016-7b40eb9e29 squid 2016-05-06
Fedora FEDORA-2016-7b40eb9e29 libecap 2016-05-06
Debian DSA-3327-1 squid3 2015-08-03
Mageia MGASA-2015-0347 squid 2015-09-08
Debian-LTS DLA-286-1 squid3 2015-07-30
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds