Squid Proxy Set-Cookie Headers Information Disclosure Vulnerability

Squid Proxy Set-Cookie Headers Information Disclosure Vulnerability

Squid Proxy is prone to an information-disclosure vulnerability.

Reportedly, remote attackers may gain access to Set-Cookie headers related to another user. Information gathered through exploiting this issue may aid in further attacks against services related to the cookie, potentially allowing for session hijacking.

Squid Proxy 2.5 STABLE7 to 2.5 STABLE9 are vulnerable to this issue.