TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

29-Year-Old Squid Proxy Bug ‘Squidbleed’ Can Leak Cleartext HTTP Requests

By rooter

A heap over-read in the Squid web proxy can leak another user’s cleartext HTTP request, including any credentials or session tokens it carries, to anyone already allowed to send traffic through the same proxy.

The bug traces to a 1997 FTP-parsing change and is still live in Squid’s default configuration. Researchers at Calif.io disclosed it in June and named it Squidbleed (

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

Data Breach with Eastman Kodak Company

rooter
Cyber Security

ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack

rooter
Cyber Security

What Makes a Pen Test Fail? Common Penetration Testing Mistakes to Avoid

rooter

Leave a Reply

You Missed

News

WhatsApp Is Getting A New CEO From The Fintech World

News

Oracle Cuts 21,000 Jobs in One Year, Blames AI For at Least Some

News

Nvidia says its AI data center design runs hotter to use a lot less water

News

Trump Just Signed Two Executive Orders Aimed at Hastening the Arrival of the Quantum Computing Era