Doyensec – Info Leak in Squid Proxy

3 weeks ago 2

Due to a failure to redact HTTP Authentication credentials
Squid is vulnerable to an Information Disclosure attack.

Severity:

This problem allows a script to bypass Browser security
protections and learn the credentials a trusted client uses to
authenticate.

This problem potentially allows a remote client to identify
security tokens or credentials used internally by a web
application using Squid for backend load balancing.

These attacks do not require Squid to be configured with HTTP
Authentication.

Updated Packages:

This bug is fixed by Squid version 7.2.

In addition, patches addressing this problem for the stable
releases can be found in our patch archives:

Squid 7:

0951a06

If you are using a prepackaged version of Squid then please refer
to the package vendor for availability information on updated
packages.

Determining if your version is vulnerable:

The following test can be used to determine if your Squid has
a vulnerable configuration:

squid -k parse 2>&1 | grep "email_err_data"

All Squid with email_err_data off are not vulnerable.

All Squid up to and including 7.1 with email_err_data on
are vulnerable.

All Squid up to and including 7.1 without email_err_data
are vulnerable.

Workaround:

Disable debug information in administrator mailto links
generated by Squid. By configuring squid.conf with:

Contact details for the Squid project:

For installation / upgrade support on binary packaged versions
of Squid: Your first point of contact should be your binary
package vendor.

If you install and build Squid from the original Squid sources
then the [email protected] mailing list is your
primary support point. For subscription details see
http://www.squid-cache.org/Support/mailing-lists.html.

For reporting of non-security bugs in the latest STABLE release
the squid bugzilla database should be used
https://bugs.squid-cache.org/.

For reporting of security sensitive bugs send an email to the
[email protected] mailing list. It's a closed
list (though anyone can post) and security related bug reports
are treated in confidence until the impact has been established.

Credits:

This vulnerability was discovered by Leonardo Giovannini of
Doyensec.

Fixed by Amos Jeffries of Treehouse Networks Ltd.

Revision history:

2025-09-12 08:52:20 UTC Initial Report
2025-10-11 07:42:00 UTC Patch Released
2025-10-13 14:35:00 UTC CVE Assignment

END

Read Entire Article
  1. Homepage
  2. Technology
  3. Doyensec – Info Leak in Squid Proxy

Related

Error ABI

Error ABI

16 minutes ago 0
Who is 'fedora man'? Dapper French teenager in viral Louvre heist photo unmasked

Who is 'fedora man'? Dapper French teenager in viral Louvre ...

17 minutes ago 0
Why your booze-free drink costs just as much as the alcoholic kind

Why your booze-free drink costs just as much as the alcoholi...

22 minutes ago 0
Hostinger Web Hosting