News

Another victory in making open source software more robust

Codenomicon's brave security soldiers have won yet another round in our ongoing battle for making open source software more robust and promoting the effectiveness of Codenomicon testing products in the process.

The advisory relating to this victory can be read at:
http://www.squid-cache.org/Advisories/SQUID-2009_1.txt

For more information on the Codenomicon CROSS initiative, check out:
http://www.codenomicon.com/solutions/cross.shtml

Our talented security specialists Joshua Morin and Mikko Varpiola caught the bug while running the DEFENSICS HTTP Server Test Tool against Squid proxy. Jukka Taimisto and the entire CROSS team then analyzed the bug so that we could submit it using responsible disclosure policies. CERT-FI was selected due to their good track record with vulnerability disclosure coordination, and they took care of most of the communication with Squid, and the enormous amount of commercial vendors using and depending on it.

Squid is a widely used and well-known open source product, and some even consider it a security product. Codenomicon is happy to help such projects in producing more robust code.

Codenomicon Network Analyzer

Codenomicon DEFENSICS™ 3.0 - Free evaluation

Sign up for our newsletter

Follow us on:

Twitter Facebook