Release of the Squid 4.8 proxy server with a fix for a critical vulnerability

A corrective release of the Squid 4.8 proxy server has been published, fixing 5 vulnerabilities. One of the vulnerabilities (CVE-2019-12527) could potentially allow code execution with the privileges of the server process.

The issue is caused by a bug in the HTTP Basic authentication handler and allows a buffer overflow to be triggered when specially crafted credentials are passed while accessing the Squid Cache Manager or the built-in FTP gateway. The vulnerability has been present since the release of Squid 4.0.23. As a workaround to block the vulnerability, you can rebuild Squid with the "--disable-auth-basic" option or disable access to the services that use HTTP authentication in the configuration:

acl FTP proto FTP
http_access deny FTP
http_access deny manager
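
A check for whether a host still needs this workaround, added here as an example (not code from the Squid project or the original article): it reads `squid -v` output and squid.conf text and classifies the host against the version range given above. It assumes, conservatively, that the two deny rules only count when they appear before the first `http_access allow` line, because Squid applies the first matching http_access rule; function names and sample inputs are constructed for illustration.

```python
import re

AFFECTED_FROM, FIXED_IN = (4, 0, 23), (4, 8)  # range stated in the article

def parse_version(squid_v):
    """Extract the version tuple from `squid -v` output, or None."""
    m = re.search(r"Version (\d+(?:\.\d+)*)", squid_v)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def workaround_in_place(conf):
    """True if FTP and manager are denied before any allow rule (assumption:
    only single-ACL deny lines ahead of the first allow are counted)."""
    ftp_acls, seen = set(), set()
    for raw in conf.splitlines():
        tok = raw.split("#", 1)[0].split()  # drop comments, then tokenize
        if len(tok) >= 4 and tok[0] == "acl" and tok[2] == "proto":
            if "FTP" in (t.upper() for t in tok[3:]):
                ftp_acls.add(tok[1])
        elif len(tok) >= 2 and tok[0] == "http_access":
            if tok[1] == "allow":
                break  # first match wins: later deny lines may never apply
            if tok[1] == "deny" and len(tok) == 3:
                if tok[2] in ftp_acls:
                    seen.add("ftp")
                elif tok[2] == "manager":
                    seen.add("manager")
    return seen == {"ftp", "manager"}

def assess(squid_v, conf):
    """Classify a host with respect to CVE-2019-12527 only."""
    version = parse_version(squid_v)
    if version is None:
        return "unknown version"
    if not (AFFECTED_FROM <= version < FIXED_IN):
        return "not affected"
    if "--disable-auth-basic" in squid_v or workaround_in_place(conf):
        return "mitigated"
    return "exposed"

# Constructed sample inputs (not taken from a real host).
SQUID_V = "Squid Cache: Version 4.7\nconfigure options:  '--prefix=/usr'\n"
CONF_LATE = ("acl FTP proto FTP\nhttp_access allow localnet\n"
             "http_access deny FTP\nhttp_access deny manager\n")
CONF_OK = ("acl FTP proto FTP\nhttp_access deny FTP\n"
           "http_access deny manager\nhttp_access allow localnet\n")

if __name__ == "__main__":
    print(assess(SQUID_V, CONF_LATE))  # deny rules placed after an allow
    print(assess(SQUID_V, CONF_OK))
```
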

Three other vulnerabilities can lead to denial of service when manipulating cachemgr.cgi, HTTP Digest or HTTP Basic authentication. The remaining vulnerability allows cross-site scripting through cachemgr.cgi.

Source: opennet.ru
