Actions
Bug #6681
closedSquid local auth password handling is weak and only accepting short passwords
Start date:
08/04/2016
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:
Description
The password handling in squid for local auth is using crypt() with default settings and cutting off passwords short (which is expected due to the weak defaults of crypt)
Needs beefed up a bit and tested.
Actions