Juha Luoma wrote:
> Hi,
>
> Squid rewrites the host header as follows:
>
> GET http://194.137.237.63/uutiset/ HTTP/1.1\r\n
> Host: www.hs.fi\r\n
> ->
> GET /uutiset/ HTTP/1.0\r\n
> Host: 194.137.237.63\r\n
>
> Why is that?

Because a mismatch between the Host: header and the real destination wanted is how
security attacks happen:
http://cwe.mitre.org/data/definitions/352.html

This particular re-write is part of the security protection in Squid
surrounding the ongoing issue of domain forgery:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0801

The client software sending those requests needs to be fixed. _Urgently_.

> How to pass on the original Host header in this case?

Make the client software write the URL correctly containing the domain
it wanted to contact.

Amos
--
Please be using
Current Stable Squid 2.7.STABLE6 or 3.0.STABLE13
Current Beta Squid 3.1.0.6
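
Added example, not part of the original message and not Squid's own code: a Python sketch of the rewrite discussed in this thread, where the Host header of a proxy-form request is replaced by the authority taken from the absolute URL and any disagreement is flagged. The function names are hypothetical, and keeping the client's HTTP version instead of downgrading it is an assumption of this sketch.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


def authority(host, port, scheme):
    """Canonical host[:port]: lower-cased, default port omitted."""
    host = host.lower().rstrip(".")
    if port is None or port == DEFAULT_PORTS.get(scheme):
        return host
    return f"{host}:{port}"


def normalize_request(raw: bytes):
    """Return (rewritten_request, mismatch) for a proxy-form HTTP request.

    mismatch is True when the Host header is absent or names a different
    authority than the absolute URL in the request line.
    """
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    method, target, version = lines[0].split(" ", 2)
    url = urlsplit(target)
    if url.scheme not in DEFAULT_PORTS or not url.hostname:
        raise ValueError("expected an absolute http(s) URL in the request line")
    url_auth = authority(url.hostname, url.port, url.scheme)

    # Collect every Host header value and compare it with the URL authority.
    seen = set()
    others = []
    for line in lines[1:]:
        if line.lower().startswith("host:"):
            h = urlsplit("//" + line.split(":", 1)[1].strip())
            seen.add(authority(h.hostname or "", h.port, url.scheme))
        else:
            others.append(line)
    mismatch = seen != {url_auth}

    # Forward in origin-form with a single Host header derived from the URL.
    path = (url.path or "/") + ("?" + url.query if url.query else "")
    out = [f"{method} {path} {version}", f"Host: {url_auth}"] + others
    return "\r\n".join(out).encode("iso-8859-1") + b"\r\n\r\n" + body, mismatch
```

Logging the mismatch flag alongside the client address gives a simple way to find the client software that needs fixing.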