Mandrake Linux Security Advisory : squid (MDKSA-2001:066)
High Nessus Plugin ID 13881
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionThe Squid proxy server has a serious security flaw in versions 2.3.STABLE2 through 2.3.STABLE4. This problem surfaces when Squid is used in httpd_accel mode. If you configure http_accel_with_proxy off then any request to Squid is allowed. Malicious users may use your proxy to portscan remote systems, forge email, and other activities.
SolutionUpdate the affected squid package.