|
Family: Misc. --> Category: infos
Squid null character unauthorized access Vulnerability Scan
Vulnerability Scan Summary Acertains squid version
Detailed Explanation for this Vulnerability Test
The remote squid caching proxy, according to its version number,
is vulnerable to a flaw which may allow a possible hacker to gain access
to unauthorized resources.
The flaw in itself consists of sending a malformed username containing
the %00 (null) character, which may allow a possible hacker to access otherwise
restricted resources.
Solution : Upgrade to squid 2.5.STABLE6 or newer
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|