CAN-2005-0718 on squid 2.4.STABLE6

From: Luigi Gangitano <>
Date: Fri, 29 Apr 2005 18:14:59 +0200

I need help to investigate the aborted POST/PUT vulnerability on 2.4.STABLE6
(version packaged in debian stable). Since 2.4.STABLE6 client_side.c is mostly
changed and I cannot verify how to apply the squid-2.5.STABLE7-post.patch and
if this fixes the bug.

I'm not even sure that 2.4.STABLE6 is affected. Can somebody provide a proof of
concept or directions on how to reproduce the bug?



This message was sent using IMP, the Internet Messaging Program.
Received on Fri Apr 29 2005 - 10:15:13 MDT

This archive was generated by hypermail pre-2.1.9 : Sun May 01 2005 - 12:00:06 MDT