News

Another look at Squid proxy, another set of problems

July 28th, 2009

Earlier this year, the CROSS team of Codenomicon Labs took the Defensics HTTP Server tests to a test against Squid HTTP proxy. The results from the fuzz test can be found here.

Now, looking at the security of handling HTTP responses, with Defensics HTTP Client tests, the team found a new set of issues.

The advisory relating to these findings can be read at:
http://www.squid-cache.org/Advisories/SQUID-2009_2.txt

For more information on the Codenomicon CROSS initiative, check out:
http://www.codenomicon.com/solutions/cross.shtml

Squid is a widely used and well-known open source product, and some even consider it a security product. Codenomicon is happy to help this and similar open source projects in producing more robust code.

Codenomicon Network Analyzer

Codenomicon DEFENSICS™ 3.0 - Free evaluation

Sign up for our newsletter

Follow us on:

Twitter Facebook