Home[1] Files[2] News[3] &[SERVICES_TAB] Contact[4] Add New[5]
- Squid Caching Proxy Proof Of Concepts[6]
- Authored by Joshua Rogers[7] | Site megamansec.github.io[8]
-
Two and a half years ago an independent audit was performed on the Squid Caching Proxy, which ultimately resulted in 55 vulnerabilities being discovered in the project's C++ source code. Although some of the issues have been fixed, the majority (35) remain valid. The majority have not been assigned CVEs, and no patches or workarounds are available. Some of the listed issues concern more than one bug, which is why 45 issues are listed, despite there being 55 vulnerabilities in total (10 extra of the result of similar, but different pathways to reproduce a vulnerability). After two and a half years of waiting, the researcher has decided to release the issues publicly. This archive contains all of the proof of concept code released by the researcher.
- SHA-256 |
8a60c32d038280c1edeea0a6969797283bd744dd1d8876f4879ad103db17b469
- Download[9] | Favorite[10] | View[11]
File Tags
- ActiveX[17] (932)
- Advisory[18] (82,601)
- Arbitrary[19] (16,339)
- BBS[20] (2,859)
- Bypass[21] (1,767)
- CGI[22] (1,029)
- Code Execution[23] (7,362)
- Conference[24] (680)
- Cracker[25] (843)
- CSRF[26] (3,352)
- DoS[27] (23,698)
- Encryption[28] (2,372)
- Exploit[29] (52,190)
- File Inclusion[30] (4,231)
- File Upload[31] (977)
- Firewall[32] (821)
- Info Disclosure[33] (2,800)
- Intrusion Detection[34] (896)
- Java[35] (3,057)
- JavaScript[36] (875)
- Kernel[37] (6,780)
- Local[38] (14,530)
- Magazine[39] (586)
- Overflow[40] (12,794)
- Perl[41] (1,423)
- PHP[42] (5,156)
- Proof of Concept[43] (2,347)
- Protocol[44] (3,645)
- Python[45] (1,553)
- Remote[46] (30,954)
- Root[47] (3,598)
- Rootkit[48] (513)
- Ruby[49] (612)
- Scanner[50] (1,645)
- Security Tool[51] (7,915)
- Shell[52] (3,205)
- Shellcode[53] (1,216)
- Sniffer[54] (896)
- Spoof[55] (2,213)
- SQL Injection[56] (16,429)
- TCP[57] (2,417)
- Trojan[58] (687)
- UDP[59] (896)
- Virus[60] (666)
- Vulnerability[61] (31,948)
- Web[62] (9,757)
- Whitepaper[63] (3,753)
- x86[64] (966)
- XSS[65] (18,016)
- Other[66]
File Archives
- October 2023[67]
- September 2023[68]
- August 2023[69]
- July 2023[70]
- June 2023[71]
- May 2023[72]
- April 2023[73]
- March 2023[74]
- February 2023[75]
- January 2023[76]
- December 2022[77]
- November 2022[78]
- Older[79]
Systems
- AIX[80] (428)
- Apple[81] (2,028)
- BSD[82] (375)
- CentOS[83] (57)
- Cisco[84] (1,925)
- Debian[85] (6,870)
- Fedora[86] (1,692)
- FreeBSD[87] (1,246)
- Gentoo[88] (4,350)
- HPUX[89] (879)
- iOS[90] (359)
- iPhone[91] (108)
- IRIX[92] (220)
- Juniper[93] (69)
- Linux[94] (47,088)
- Mac OS X[95] (691)
- Mandriva[96] (3,105)
- NetBSD[97] (256)
- OpenBSD[98] (486)
- RedHat[99] (14,075)
- Slackware[100] (941)
- Solaris[101] (1,610)
- SUSE[102] (1,444)
- Ubuntu[103] (9,000)
- UNIX[104] (9,326)
- UnixWare[105] (186)
- Windows[106] (6,595)
- Other[107]
- Services
- Security Services[118]
- Hosting By
- Rokasec[119]