[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 751-1] New squid packages fix IP spoofing vulnerability

* Martin Schulze:

> The upstream developers have discovered a bug in the DNS lookup code
> of Squid, the popular WWW proxy cache.  When the DNS client UDP port
> (assigned by the operating system at startup) is unfiltered and the
> network is not protected from IP spoofing, malicious users can spoof
> DNS lookups which could result in users being redirected to arbitrary
> web sites.

What is the exact cause of the problem?  Non-random message IDs?

Reply to: