squidGuard Advisory: SG-2008-06-13
Bypass vulnerabilities fixed: Domain with trailing dot|
Date: 13 June 2008
This only affects people using squidGuard with squid version
3.0 STABLE1 to STABLE5 (higher version may be affected as
well; in any case, if you are running squid 3.0 make sure to
Squid version 2.6 is known to remove trailing dots from domains
before passing the URLs to squidGuard.
Affected versions: 1.3, 1.2.1 and below
Corrected in version 1.4 alpha (and higher)
By adding a trailing dot to the domain it is possible to bypass
the filter and access blocked sites.
Patches for version 1.2.1 and 1.3 are available at:
Please read the installation instruction in the included Readme files.