Topic: Squid Web Proxy Security Issue

[Bob Wallman]

I found this web site on Insecure Web Proxy Servers and Squid is mentioned:

http://linux.oreillynet.com/pub/a/linux/2002/02/25/insecurities.html#squ

I'm not sure of the Squid version in 5.1.2.  Does anyone know if 5.1.2 is affected by this?

[Filippo Carletti]

SME squid is affected, but only local users could "attack" it.
SME firewalls port 3128 from outside.

[Bob Wallman]

I work for a School Division and I wouldn't put anything past some of the students.  I wonder if an update will be made available for this or is there something else I could do?

[Filippo Carletti]

Oops. I was thinking about a school as the only example of problematic env.
Install squid errata from RedHat 7.1.
http://www.redhat.com/support/errata/RHSA-2002-029.html

[jehu]

i am not sure if I understand what you are saying. Should I update squid. Can it be attacked from outside.

Thanks,
Jehu.

[Charlie Brady]

jehu wrote:
 
> i am not sure if I understand what you are saying. Should I
> update squid. Can it be attacked from outside.

Filippo is saying that squid cannot be attacked from the outside, and that you can update squid if you feel you should (for example, if you think that your internal users might be malicious).

And I agree with him.

Charlie

[jehu]

Thanks, the only internal user is me. So I won,t  be attacking the Squid.

Thanks again,
Jehu

[Dean Mumby]

Why is SME using such and old version of squid the latest stable is 2.4STABLE4 and we are using 2.3STABLE4 surely there must be some important improvements ?

Dean

[Filippo Carletti]

2.3.STABLE4 was included in RedHat 7.1 upon which SME is based.
See http://www.squid-cache.org/Versions/v2/2.4/ChangeLog.txt for improvements / fixes.