Squid 2.5.x < 2.5.STABLE8 Information Disclosure
Medium Nessus Network Monitor Plugin ID 2448
SynopsisThe remote proxy server can be tricked into disclosing portions of its memory.
DescriptionThe remote host running a Squid proxy on this port.
There is a vulnerability in the remote version of this software that may allow an attacker to obtain sensitive information via URLs containing invalid hostnames that cause DNS operations to fail, which results in references to previously used error messages.
SolutionUpgrade to Squid 2.5.STABLE8, 3.0-PRE4, or apply the vendor patches.