On 04/13/2014 04:27 PM, Amos Jeffries wrote:
On 12/04/2014 5:23 p.m., Amm wrote:
So I ran this command:
openssl s_client -connect 192.168.1.2:8081
where 8081 is https_port on which squid runs. (with sslbump)
And BOOM, squid went in to infinite loop! And started running out of
file descriptors.
Is this happening with "via on" ?
It is an expected vulnerability with "via off".
Amos
I dont have any "via" line, so that means default in "on"
Again tested it. Very easy to crash squid. It just takes 2 seconds for
squid to report:
WARNING! Your cache is running out of filedescriptors
And takes away 100% CPU too.
Regards,
Amm
