Simply because Microsoft does not provide much details on this
vulnerability. Also starting about a week ago I noticed several "urlParse:
Illegal character in hostname" in the log for domain names containing either
! Or [] (From unsolicited HTML email messages). I was wondering if these
were attempts to exploit this vulnerability.
Eric.
-----Original Message-----
From: Henrik Nordstrom [mailto:hno@squid-cache.org]
Sent: Monday, April 21, 2003 10:18 AM
To: Eric Galarneau; 'squid-users@squid-cache.org'
Subject: Re: [squid-users] Squid and MS Proxy 2.0 Denial of service
On Monday 21 April 2003 15.31, Eric Galarneau wrote:
> Could Squid also be vulnerable to the same DOS as MS proxy 2.0?
>
> http://www.microsoft.com/technet/treeview/default.asp?url=/technet/
>security/ bulletin/MS03-012.asp
What this describes is an internal bug in implementation of the SOCKS
component of MS proxy 2.0. It has no relation to Squid in any manner
that I can see.
Why do you ask?
Regards
Henrik
-- Donations welcome if you consider my Free Squid support helpful. https://www.paypal.com/xclick/business=hno%40squid-cache.org If you need commercial Squid support or cost effective Squid or firewall appliances please refer to MARA Systems AB, Sweden http://www.marasystems.com/, [email protected]Received on Mon Apr 21 2003 - 09:00:48 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:15:06 MST