squid DoS

From: Vladimir Ivaschenko (hazardat_private)
Date: Fri Sep 21 2001 - 01:48:47 PDT

Next message: advisoriesat_private: "IRM Security Advisory: Xcache Path Disclosure Vulnerability"

Previous message: gabriel maggiotti: "script to find apache users"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Dear All,

I'd like to inform about a DoS bug I recently found in SQUID regarding
handling of mkdir-only PUT requests - please look at
http://www.squid-cache.org/bugs/show_bug.cgi?id=233 for more info.
From my testing, it applies both to Squid 2.3 and 2.4 series. Tested on
RedHat 6.2 and 7.1.

This bug has been fixed by SQUID developers on Sep 18 and has been known
for about two weeks - I think its time to inform Bugtraq.

--
Best Regards
Vladimir Ivaschenko
Certified Linux Engineer (RHCE)
http://www.hazard.maks.net/

Next message: advisoriesat_private: "IRM Security Advisory: Xcache Path Disclosure Vulnerability"
Previous message: gabriel maggiotti: "script to find apache users"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Sep 21 2001 - 11:44:27 PDT