Squid Web Proxy Authentication Failure Vulnerability
----------------------------------------------------------------------------


SUMMARY

After decoding the base64-encoded "user:password" pair supplied by the 
client, Squid does not strip any '\n' or '\r' characters found in the 
resulting string. Given such a string, any external authenticator will 
receive two lines instead of one, and will most probably send two results. 
From then on, the answer to every subsequent authentication exchange is 
shifted by one. A malicious user can therefore gain access to sites he or 
she should not have access to.
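
The answer shift described above, reproduced as an added simulation (not code from Squid or from the patch) next to a hardened check. Assumptions: the helper reads one "user password" line per request and replies OK or ERR, the hardened variant rejects credentials containing CR or LF, and every name and credential below is constructed for illustration.

```python
import base64
from collections import deque

USERS = {"alice": "wonderland"}  # constructed account table for the simulated helper


class LineHelper:
    """Assumed helper model: reads 'user password' lines, answers each with OK or ERR."""

    def __init__(self):
        self.pending = deque()  # replies written by the helper, not yet read by the proxy

    def write(self, data):
        for line in data.splitlines():  # the helper answers every line it sees
            user, _, password = line.partition(" ")
            self.pending.append("OK" if USERS.get(user) == password else "ERR")

    def read_reply(self):
        return self.pending.popleft()


def authenticate(helper, b64_credentials, strict):
    """Proxy side: decode the Basic credentials, ask the helper, read exactly one reply."""
    decoded = base64.b64decode(b64_credentials).decode("latin-1")
    user, _, password = decoded.partition(":")
    if strict and ("\r" in decoded or "\n" in decoded):
        return "ERR"  # hardened: line terminators never reach the helper
    helper.write(f"{user} {password}\n")
    return helper.read_reply()


def b64(text):
    return base64.b64encode(text.encode("latin-1")).decode("ascii")


# Constructed requests: the first decodes to a string with an embedded '\n',
# the second is an unrelated request with a wrong password.
REQUESTS = [b64("alice:wonderland\nalice wonderland"), b64("mallory:guess")]


def run(strict):
    """Return (answers the proxy handed out, replies left unread in the pipe)."""
    helper = LineHelper()
    answers = [authenticate(helper, r, strict) for r in REQUESTS]
    return answers, len(helper.pending)


if __name__ == "__main__":
    print("unpatched:", run(strict=False))  # second answer is a stale reply
    print("hardened: ", run(strict=True))
```

A non-zero count of unread replies after a request completes is the observable sign that proxy and helper are out of step.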

DETAILS

Vulnerable systems:
National Science Foundation Squid Web Proxy 2.2
National Science Foundation Squid Web Proxy 2.1
National Science Foundation Squid Web Proxy 1.1
National Science Foundation Squid Web Proxy 1.0NOVM
National Science Foundation Squid Web Proxy 1.0

Non vulnerable systems:
National Science Foundation Squid Web Proxy 2.3.0

Squid has released a patch that fixes the mentioned vulnerability:

http://squid.nlanr.net/Versions/v2/2.2/bugs/squid-2.2.stable5-newlines_in_auth.patch


ADDITIONAL INFORMATION

The vulnerability was discovered by: Oezguer Kesim


