Information Disclosure Vulnerability in Squid Proxy Server

Information Disclosure Vulnerability in Squid Proxy Server

CVE-2016-4053 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes (ESI) responses, related to incorrect use of assert and compiler optimization.

Learn more about our Web Application Penetration Testing UK.