In the world of proxy security, trust is a vulnerability. And Squid 4.14 learned that the hard way.
The most effective solution is to upgrade to a patched version. The Squid team released fixes in version and later (as well as version 5.1). These updates include more rigorous bounds-checking for range headers. 2. Configuration Hardening squid 4.14 exploit
Squid 4.14 and its predecessors were found to have significant gaps in how they handle protocols and validate input. The two most concerning vulnerabilities in this version range are: In the world of proxy security, trust is a vulnerability
Two primary CVEs define this exploit:
Let me know which of those you need, and I’ll be glad to assist. In the world of proxy security