New squid packages are available for Red Hat Linux 7.0 that fix a possible security problem with Squid's HTTP accelerator feature. If Squid was configured in accelerator-only mode, it was possible for remote users to portscan machines through the Squid proxy, potentially allowing access to machines not otherwise reachable. Users running Squid in accelerator-only mode are advised to update to the fixed packages. Note that Red Hat Linux 7.1 is not affected by this vulnerability, nor are releases prior to Red Hat Linux 7.0.
If Squid is configured with 'httpd_accel_host <some hostname>' and 'httpd_accel_with_proxy off', access control lists will not be enabled. This could allow any remote user to use the Squid server to access other sites, potentially ones that they could not reach otherwise. Thanks go to Paul Nasrat <pnasrat@uk.now.com> for notifying us of this vulnerability and to the Squid team for providing the patch.
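As an added example (not part of this advisory and not the Squid project's code), a small Python audit helper that parses a squid.conf and flags the accelerator-only combination described above, so an administrator can find affected hosts before updating. The directive names are the real Squid 2 ones; the host values are constructed, and treating a missing httpd_accel_with_proxy directive as "off" (the Squid 2 default) is an assumption.

```python
"""Audit a squid.conf for accelerator-only mode (httpd_accel_host set and
httpd_accel_with_proxy off), the configuration the advisory describes.
Hypothetical helper; sample configurations below are constructed."""
from typing import Dict, List


def parse_squid_conf(text: str) -> Dict[str, List[str]]:
    """Map each directive name to the list of its argument strings.
    Comment lines and blank lines are skipped; a directive that appears
    more than once keeps every value, as Squid itself allows."""
    directives: Dict[str, List[str]] = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split(None, 1)
        args = parts[1].strip() if len(parts) > 1 else ""
        directives.setdefault(parts[0].lower(), []).append(args)
    return directives


def accelerator_only_mode(conf: Dict[str, List[str]]) -> bool:
    """True when httpd_accel_host is set and httpd_accel_with_proxy is off.
    Assumption: an absent httpd_accel_with_proxy means Squid 2's default, off.
    The last occurrence of a directive wins, as in Squid's own parser."""
    if not conf.get("httpd_accel_host"):
        return False
    with_proxy = conf.get("httpd_accel_with_proxy", ["off"])[-1].lower()
    return with_proxy != "on"


def audit(text: str) -> List[str]:
    """Return a list of findings for the given squid.conf text."""
    conf = parse_squid_conf(text)
    findings: List[str] = []
    if accelerator_only_mode(conf):
        findings.append(
            "accelerator-only mode: httpd_accel_host=%s with "
            "httpd_accel_with_proxy off; ACLs are not applied on the "
            "unpatched squid package" % conf["httpd_accel_host"][-1])
    return findings


# Constructed sample configurations (hostnames are placeholders).
VULNERABLE_CONF = """\
# reverse proxy in front of an internal web server
httpd_accel_host www.example.internal
httpd_accel_port 80
httpd_accel_with_proxy off
"""
NOT_ACCEL_ONLY_CONF = VULNERABLE_CONF.replace(
    "httpd_accel_with_proxy off", "httpd_accel_with_proxy on")
```

Run `audit()` over each squid.conf collected from your Red Hat Linux 7.0 hosts; any finding means the host matches the affected configuration and should receive the updated packages.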