First Last Prev Next    This bug is not in your last search results.
Bug 48026 - Squid passes acl's in httpd_accel mode in squid-2.3.STABLE4
Squid passes acl's in httpd_accel mode in squid-2.3.STABLE4
Status: CLOSED ERRATA
Product: Red Hat Linux
Classification: Retired
Component: squid (Show other bugs)
7.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Bill Nottingham
http://www.squid-cache.org/Versions/v...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-07-09 10:31 EDT by Paul Nasrat
Modified: 2014-03-16 22:21 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-07-12 18:04:36 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Exploit (1.29 KB, text/plain)
2001-07-09 10:33 EDT, Paul Nasrat 		no flags Details
Sample config file (609 bytes, text/plain)
2001-07-09 10:36 EDT, Paul Nasrat 		no flags Details
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2001:097 normal SHIPPED_LIVE : New squid packages for Red Hat Linux 7.0 2001-07-12 00:00:00 EDT

  None (edit)
Description Paul Nasrat 2001-07-09 10:31:16 EDT 
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.2.17-14enterprise i686)

Description of problem:
Squid has a known bug in 2.3STABLE4 which ignores acl's in httpd_accel
mode.  This enables portscanning via squid running in this mode potentially
allowing 

How reproducible:
Always

Steps to Reproduce:
1.Set squid to httpd_accel mode, with a particular host and strict acl's
2. export httpd_proxy="http://squid-server:port"
3. lynx http://victim:22/
	

Actual Results:  You get a http 200 code if the port is open and sometimes
a response with some services SSH, SMTP, etc

Expected Results:  Should be access denied

Additional info:

RH 7.1 using squid-2.3.STABLE4-10 includes these patches
Comment 1 Paul Nasrat 2001-07-09 10:33:11 EDT 
Created attachment 23087 [details]
Exploit
Comment 2 Paul Nasrat 2001-07-09 10:36:54 EDT 
Created attachment 23088 [details]
Sample config file
Comment 3 Bill Nottingham 2001-07-23 01:21:25 EDT 
Fixed in the errata release.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.