[squid-dev] Cache poisoning vulnerability 3.5.23

Eliezer Croitoru eliezer at ngtech.co.il
Wed Jul 26 12:27:28 UTC 2017


Hey Omid,

It's not clear what you mean by cache poisoning.
There are a couple of options, but there are missing technical pieces on how to reproduce the issue and what Squid setup you are using, i.e. squid.conf.
How can I test it here in my test lab?

Thanks,
Eliezer

----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer at ngtech.co.il



-----Original Message-----
From: squid-dev [mailto:squid-dev-bounces at lists.squid-cache.org] On Behalf Of Omid Kosari
Sent: Wednesday, July 26, 2017 13:19
To: squid-dev at lists.squid-cache.org
Subject: [squid-dev] Cache poisoning vulnerability 3.5.23

Hello,

Recently I have seen some cache poisoning, especially on Android captive
portal detection sites.
My Squid was 3.5.19 (from https://packages.debian.org/stretch/squid) on
Ubuntu Linux 16.04. Then I upgraded to the latest version, 3.5.23 (from
https://packages.debian.org/stretch/squid), and purged specific pages, but
again I can see cache poisoning on the same pages.

http://connectivitycheck.gstatic.com/generate_204
http://clients3.google.com/generate_204
http://172.217.20.206/generate_204
http://clients1.google.com/generate_204
http://google.com/generate_204



