[TriLUG] I want to build an HTTP Proxy for Home
Jon Carnes
jonc at nc.rr.com
Mon Aug 2 12:05:30 EDT 2004
On Mon, 2004-08-02 at 11:52, Mike Johnson wrote:
> Jon, Aaron,
>
> Do y'all have fixes for this:
> http://xforce.iss.net/xforce/xfdb/15583
>
> Or is it not that big of a deal for y'all? I was looking at SquidGuard
> and ran across that vulnerability. There doesn't seem to be a published
> patch that I can find.
>
> Thanks,
> Mike
I hadn't seen that one yet, but it seems like a minor irritant.
If you are already "looking" at a site, then it's allowed in the ACL's.
If the site is not allowed then you can't "look" at the site to be
affected...
The only problem would be if someone wanted to allow you to bypass the
squidguard security they could put links on an allowed site with some
"%00"'s...
Of course that site would soon be on the disallowed list. :-)
If you were worried about that, then just include a rule that doesn't
allow any site with the character sequence "%00" in the URL.
Jo%00n Car%00nes
More information about the TriLUG
mailing list