Squid Analysis Report Generator
It was possible to view the Squid analysis report generator (sarg) contents.
- sarg
- exposure
- logs
Squid is a secure, flexible and high-performance web caching framework. It can be used as a proxy server and an application server. The analysis report generator (sarg) is a tool that generates Squid analysis reports. By default, the analysis report generator is accessible from the Internet.
Impact
Attackers can retrieve a copy of the analysis log file to better understand the application structure and possibly an alternative way to access it.
Solution
If possible delete the sarg contents or keep the content in a non-readable format.
Was this page helpful?