Date: Mon, 20 Jul 1998 21:37:21 +0200
From: Fred Donck <f.c.w.donck@SIEP.SHELL.COM>
To: BUGTRAQ@NETSPACE.ORG
Subject: Fwd: Security warning: Netscape 4.0x https & Squid 1.2beta proxy
This is a multi-part message in MIME format.
--------------E5DDC0B8E9C6864BE87CCF5E
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
All,
See attached from the squid-users mailing-list
-- Fred
--------------E5DDC0B8E9C6864BE87CCF5E
Content-Type: message/rfc822
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Received: from ksopenml.ksepl.shell.nl by swwrij.ksepl.shell.nl (8.8.7/8.8.7-Fred.Donck/EPT-IS) id RAA16224; Mon, 20 Jul 1998 17:11:18 +0200 (MET DST)
Received: from shell.nl by ksopenml.ksepl.shell.nl with ESMTP
(1.40.112.12/16.2) id AA152267477; Mon, 20 Jul 1998 17:11:17 +0200
Received: by shell.nl; id RAA05696; Mon, 20 Jul 1998 17:11:16 +0200 (METDST)
Received: from ack.ucar.edu(192.52.106.29) by charon-1.shell.nl via smap (3.2)
id xma005585; Mon, 20 Jul 98 17:10:41 +0200
Received: (from slist@localhost)
by ircache.net (8.8.6/8.8.6) id IAA02926
for fred@siep.shell.com; Mon, 20 Jul 1998 08:10:40 -0700 (PDT)
Resent-Date: Mon, 20 Jul 1998 08:10:40 -0700 (PDT)
Date: Mon, 20 Jul 1998 10:09:38 -0500
Message-Id: <199807201509.KAA26183@jello.csc.ti.com>
From: Joe Ramey <ramey@csc.ti.com>
To: hno@hem.passagen.se
Cc: squid-users@ircache.net
In-Reply-To: <35AFCEB9.9E4500A@hem.passagen.se> (message from Henrik Nordstrom
on Sat, 18 Jul 1998 00:22:49 +0200)
Subject: Re: Security warning: Netscape 4.0x https & Squid 1.2beta proxy
Reply-To: ramey@csc.ti.com
References: <35AFCEB9.9E4500A@hem.passagen.se>
Resent-Message-Id: <"807OuD.A.5j.Z31s1"@ack.ircache.net>
Resent-From: squid-users@ircache.net
X-Mailing-List: <squid-users@ircache.net> archive/latest/852
X-Loop: squid-users@ircache.net
Precedence: list
Resent-Sender: squid-users-request@ircache.net
X-Mozilla-Status2: 00000000
Date: Sat, 18 Jul 1998 00:22:49 +0200
Content-Type: text/plain; charset=iso-8859-1
From: Henrik Nordstrom <hno@hem.passagen.se>
Sender: hno@hem.passagen.se
X-MIME-Autoconverted: from quoted-printable to 8bit by ircache.net id PAA06782
Resent-From: squid-users@ircache.net
X-Mailing-List: <squid-users@ircache.net> archive/latest/793
X-Loop: squid-users@ircache.net
Precedence: list
Resent-Sender: squid-users-request@ircache.net
If you are using Squid 1.2beta and Netscape 4.x then you MUST use
different server names for your HTTP and Security (SSL) proxy. This
is due to a bug in Netscape4.0x that may cause https requests to be
sent in plain text to a Squid 1.2beta proxy server.
FWIW, this bug is still present in the latest Netscape beta, 4.5 PR1.
I reported this bug to them several months ago. Guess it's time to
report it again.
Joe
--------------E5DDC0B8E9C6864BE87CCF5E--