SquidGuard Bypass Bug (squidGuard Advisory: SG-2007-04-15)

mkuron

The currently available SquidGuard package for pfSense has a bug that allows you to bypass URL filters (domain filters are unaffected).
If you block e.g. the following URLs

blog.oregonlive.com/popmusic/
ftd.de/boersen_maerkte/aktien/

you'll still be able to access them at

http://blog.oregonlive.com///popmusic/
http://www.ftd.de/boersen_maerkte/aktien/

This bug affects all SquidGuard versions before 1.2.1 (pfSense uses 1.2.0) - http://www.squidguard.org/Doc/sg-2007-04-15.html .

dvserg

Thanks for report.

mkuron

Were you able to fix this bug yet?

SquidGuard Bypass Bug (squidGuard Advisory: SG-2007-04-15)

Products

Services

Support

News

Resources

Company

Our Mission

Subscribe to our Newsletter