Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows malicious users to steal the related cookies.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
squid squid 2.5.stable6 |
||
squid squid 2.5.stable7 |
||
squid squid 2.5.stable5 |