Full Report
A heap over-read in the Squid web proxy can leak another user's cleartext HTTP request, including any credentials or session tokens it carries, to anyone already allowed to send traffic through the same proxy. The bug traces to a 1997 FTP-parsing change and is still live in Squid's default configuration. Researchers at Calif.io disclosed it in June and named it Squidbleed (
Analysis Summary
# Vulnerability: Squidbleed Heap Over-read
## CVE Details
- **CVE ID:** CVE-2026-47729
- **CVSS Score:** 6.5 (Moderate)
- **CWE:** CWE-126 (Buffer Over-read) / CWE-125 (Out-of-bounds Read)
## Affected Systems
- **Products:** Squid Web Proxy
- **Versions:** Traced back to changes made in 1997; affects versions before 7.6/7.7 (fix status for the Squid 5.x and 6.x branches still needs to be verified).
- **Configurations:**
  - Default configurations, where FTP proxying is enabled.
  - Squid must be configured to communicate with an FTP server on port 21.
  - The risk applies to cleartext HTTP traffic and to TLS-terminating (HTTPS inspection) setups.
## Vulnerability Description
Squidbleed is a heap over-read in Squid's FTP directory-listing parser (`FtpGateway.cc`). The parser skips whitespace with a loop built on `strchr` and never checks for the string's null terminator before consulting it.
When an attacker-controlled FTP server sends a malformed directory-listing line (for example, one that ends immediately after the timestamp with no filename), the whitespace-skipping pointer advances onto the null terminator. `strchr` counts the terminating NUL as part of the string it searches, so it reports a match for `'\0'` and the loop keeps advancing past the end of the buffer. `xstrdup` then copies adjacent heap memory, which frequently still holds data from earlier cleartext HTTP requests because of Squid's memory-reuse patterns, and the parser returns it to the attacker as a "filename."
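The `strchr` pitfall described above, as an added illustration in C that is not Squid's code: a whitespace-skipping loop in the vulnerable style beside the hardened form, run over a constructed listing line with constructed "residual" bytes placed after its terminator. `skip_ws_vulnerable`, `copy_token`, `sample` and `w_space` are this example's own names and assumptions, not identifiers from `FtpGateway.cc`.

```c
#include <string.h>

/* Whitespace set used when tokenizing a directory-listing line (assumed). */
static const char w_space[] = " \t\r\n";

/* Vulnerable pattern: strchr(w_space, c) is non-NULL for c == '\0',
 * because the terminating NUL belongs to the searched string, so the
 * loop walks straight past the end of the line. */
static const char *skip_ws_vulnerable(const char *p)
{
    while (strchr(w_space, *p))
        p++;
    return p;
}

/* Hardened pattern: test for the terminator before consulting strchr. */
static const char *skip_ws_fixed(const char *p)
{
    while (*p != '\0' && strchr(w_space, *p))
        p++;
    return p;
}

/* Copy the next token into out (the role xstrdup plays for a filename),
 * stopping at whitespace or NUL. */
static char *copy_token(const char *p, char *out, size_t n)
{
    size_t i = 0;
    while (i + 1 < n && *p != '\0' && !strchr(w_space, *p))
        out[i++] = *p++;
    out[i] = '\0';
    return out;
}

/* Constructed buffer: a listing line that ends right after the timestamp
 * (no filename), followed by bytes standing in for residual data from an
 * earlier request. Everything stays inside this one array, so the demo
 * itself never touches memory outside the allocation. */
static const char sample[] =
    "-rw-r--r-- 1 ftp ftp 0 Jan 01 12:00 \0"
    "GET /private HTTP/1.1\r\nCookie: sid=constructed";

/* "Filename" each parser style yields when it starts at the trailing blank. */
static const char *filename_vulnerable(void)
{ static char out[32]; return copy_token(skip_ws_vulnerable(sample + strlen(sample) - 1), out, sizeof out); }
static const char *filename_fixed(void)
{ static char out[32]; return copy_token(skip_ws_fixed(sample + strlen(sample) - 1), out, sizeof out); }
```

The fixed loop leaves the pointer on the terminator and yields an empty filename, which is the signal to reject the line; the vulnerable loop steps over the NUL and hands back bytes from the constructed residue.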
## Exploitation
- **Status:** PoC available (GitHub: califio/publications); no reported exploitation in the wild.
- **Complexity:** Low
- **Attack Vector:** Network (Requires the attacker to be a "trusted client" already permitted to send traffic through the proxy).
## Impact
- **Confidentiality:** High (Leads to the leakage of cleartext HTTP requests, including session tokens, cookies, and credentials).
- **Integrity:** None
- **Availability:** None
## Remediation
### Patches
- **Squid 7.7:** Confirmed fix included.
- **Squid 7.6:** Reported to contain the fix, but users should verify the presence of the null-terminator check in `FtpGateway.cc`.
- **Distribution Backports:** Debian (Squid 5.7) and other distributions are working on backported patches. Verify specific package versions with your vendor.
### Workarounds
- **Disable FTP:** The most effective mitigation is to disable FTP proxying entirely. Modern browsers no longer support FTP, and disabling it removes the vulnerable attack surface without impacting most modern web traffic.
## Detection
- **Indicators of Compromise:** Monitor for proxy requests to suspicious or external FTP servers, especially those triggered by automated local clients.
- **Detection Methods:** Audit `FtpGateway.cc` source code for a null-terminator check before `strchr` calls. Review proxy logs for unusual FTP directory listing activity.
## References
- **Vendor Advisory:** hxxps[:]//seclists[.]org/oss-sec/2026/q2/896
- **Researcher Disclosure:** hxxps[:]//blog[.]calif[.]io/p/squidbleed-cve-2026-47729
- **Fix Commit:** hxxps[:]//github[.]com/squid-cache/squid/commit/865a131c7d557e68c965043d98c2eccae26deef8
- **PoC Repository:** hxxps[:]//github[.]com/califio/publications/tree/main/MADBugs/squidbleed