SecBoard
Zurück zur Übersicht
ManagerRed-TeamerNetwork

29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests

The Hacker News·
Originalartikel lesen bei The Hacker News

A heap over-read in the Squid web proxy can leak another user's cleartext HTTP request, including any credentials or session tokens it carries, to anyone already allowed to send traffic through the same proxy. The bug traces to a 1997 FTP-parsing change and is still live in Squid's default...

MITRE ATT&CK Kill Chain (2 Techniken)

Reconnaissance
T1589.001

Credentials

Command & Control
T1090

Proxy

Vollständigen Artikel lesen bei The Hacker News

Verwandte Artikel

Decades-Old Squid Proxy Flaw ‘Squidbleed’ Can Expose User Data

SecurityWeek·vor etwa 3 Stunden

New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer

The Hacker News·vor etwa 3 Stunden

Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries

The Hacker News·vor etwa 4 Stunden

Stop Your Legacy Infrastructure from Hijacking Your AI Agents

The Hacker News·vor etwa 5 Stunden

Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data

SecurityWeek·vor etwa 5 Stunden