Linux Today: Linux News On Internet Time.

More on LinuxToday

LinuxSecurity.com: Squid Vulnerability: Insecure forwarding of proxy_auth

Jun 28, 2002, 14:18 (0 Talkback[s])

[ Thanks to LinuxSecurity Contributors for this link. ]

"Vendors have not issued updates yet for a vulnerability just reported by the Squid Project. 'Under some conditions Squid may forward the proxy authentication credentails. This can happen if you normally require your users to log in to use the proxy, but allow some sites to be reached without needing to log in.'

Complete Story