search for: cachemgr

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Potential misuse of squid cachemgr.cgi Advisory ID: RHSA-1999:025-01 Issue date: 1999-07-29 Updated on: Keywords: squid cachemgr.cgi connect Cross references: --------------------------------------------------------------------- 1. Topic: cachemgr.cgi, the manager interface to Squid, is installed by default in /home/httpd/cg...

Hi all; We have Squid 2.5.STABLE7running with 30 ntlm_auth helpers Version 3.0.10-1.fc3. The problem is that on the squid?s cachemgr.cgi->NTLM User Authenticator Stats is possible to verify that the ntlm_auth processes are slowly having the flag R (Reserved or Deferred) set and never being used again (the number of requests stops). This problem goes until there is no more ntlm_auth process available and the squid restart...

Author: nk151552 Repository: /hg/zfs-crypto/gate Revision: 046c28d2b15fae39e9ac18b188525af874b9dbe9 Log message: 6301766 deadlock in nis_cachemgr when addressing request to itself Files: update: usr/src/cmd/rpcsvc/nis/cachemgr/cachemgr.c update: usr/src/lib/libnsl/nis/cache/cache_api.cc update: usr/src/lib/libnsl/nis/cache/mgr_cache.cc update: usr/src/lib/libnsl/nis/cache/mgr_cache.h

...aker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT # # Recommended minimum Access Permission configuration: # # Deny requests to certain unsafe ports http_access deny !Safe_ports # Deny CONNECT to other than secure SSL ports http_access deny CONNECT !SSL_ports # Only allow cachemgr access from localhost http_access allow localhost manager http_access deny manager # We strongly recommend the following be uncommented to protect innocent # web applications running on the proxy server who think the only # one who can access services on "localhost" is a local user #http...

...rc/cmd/rpcsvc/nis/bin/nisadm.c update: usr/src/cmd/rpcsvc/nis/bin/nisctl.c update: usr/src/cmd/rpcsvc/nis/bin/nisping.c update: usr/src/cmd/rpcsvc/nis/bin/nisshowcache.c update: usr/src/cmd/rpcsvc/nis/bin/nisstat.c update: usr/src/cmd/rpcsvc/nis/bin/nisupdkeys.c update: usr/src/cmd/rpcsvc/nis/cachemgr/cachemgr.c update: usr/src/cmd/rpcsvc/nis/rpc.nisd/Makefile update: usr/src/cmd/rpcsvc/nis/rpc.nisd/nis_db.c update: usr/src/cmd/rpcsvc/nis/rpc.nisd/nis_log_common.c update: usr/src/cmd/rpcsvc/nis/rpc.nisd/nis_main.c update: usr/src/cmd/rpcsvc/nis/rpc.nisd/nis_subr_proc.c update: usr/src/cmd/...

...unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT # # Recommended minimum Access Permission configuration: # # Only allow cachemgr access from localhost http_access allow manager localhost http_access deny manager # Deny requests to certain unsafe ports http_access deny !Safe_ports # Deny CONNECT to other than secure SSL ports http_access deny CONNECT !SSL_ports # We strongly recommend the following be uncommented to protec...

...ONNECT method CONNECT > > # > # Recommended minimum Access Permission configuration: > # > # Deny requests to certain unsafe ports > http_access deny !Safe_ports > > # Deny CONNECT to other than secure SSL ports > http_access deny CONNECT !SSL_ports > > # Only allow cachemgr access from localhost > http_access allow localhost manager > http_access deny manager > > # We strongly recommend the following be uncommented to protect innocent > # web applications running on the proxy server who think the only > # one who can access services on "localhos...

...ONNECT method CONNECT > > # > # Recommended minimum Access Permission configuration: > # > # Deny requests to certain unsafe ports > http_access deny !Safe_ports > > # Deny CONNECT to other than secure SSL ports > http_access deny CONNECT !SSL_ports > > # Only allow cachemgr access from localhost > http_access allow localhost manager > http_access deny manager > > # We strongly recommend the following be uncommented to protect innocent > # web applications running on the proxy server who think the only > # one who can access services on "localhos...

....25.tar.gz Importing PAUSE public key into your GnuPG keychain... done! (You may wish to trust it locally with 'gpg --lsign-key 450F89EC') Checking if your kit is complete... Looks good Writing Makefile for CPAN Writing MYMETA.yml and MYMETA.json cp lib/CPAN.pm blib/lib/CPAN.pm cp lib/CPAN/CacheMgr.pm blib/lib/CPAN/CacheMgr.pm cp lib/CPAN/FTP/netrc.pm blib/lib/CPAN/FTP/netrc.pm cp lib/CPAN/LWP/UserAgent.pm blib/lib/CPAN/LWP/UserAgent.pm cp lib/CPAN/FTP.pm blib/lib/CPAN/FTP.pm cp lib/CPAN/Queue.pm blib/lib/CPAN/Queue.pm cp lib/CPAN/Distroprefs.pm blib/lib/CPAN/Distroprefs.pm cp lib/CPAN/Kwalif...

...ts, with no problems at all. I appreciate that this may well not be a Squid problem per se, but I would appreciate any pointers, if only so the Squid box isn't pulled out to go back to the Apache proxy we were using before. Incidentally, all the machine runs is squid, and apache for access to cachemgr and the html access stats. TIA, Simon ------------------------------------------------------------ This communication is confidential and is intended only for the person to whom it is addressed. If you are not that person you are not permitted to make use of the information and you are req...