[squid-users] Cache poisoning vulnerability 3.5.23
Amos Jeffries
squid3 at treenet.co.nz
Wed Jul 26 20:09:57 UTC 2017
On 26/07/17 23:33, Omid Kosari wrote:
> By my experience if you see any output from following command you may be a
> victim
>
> grep -a 'generate_204' /var/log/squid/access.log | grep -v '/204 ' | grep -v
> '/000' | grep -v opera | grep -v ucweb | grep -v apple
>
OR, you have Android clients on your network doing network
troubleshooting tests.
Cache poisoning (if it is that) is a serious security issue. Please
bring the details of security problems to the *squid-bugs* mailing list
so it can be investigated and solved, rather than blind-siding everyone
with a public announcement like this.
Amos
More information about the squid-users
mailing list