On 12/04/2014 5:23 p.m., Amm wrote: > Hello, > > I accidentally came across this. I was trying to test what TLS version > my squid reports. > > So I ran this command: > openssl s_client -connect 192.168.1.2:8081 > > where 8081 is https_port on which squid runs. (with sslbump) > > And BOOM, squid went in to infinite loop! And started running out of > file descriptors. > Is this happening with "via on" ? It is an expected vulnerability with "via off". Amos
