PROBABLYPWNED
Vulnerabilities | June 23, 2026 | 4 min read

Squidbleed Leaks Credentials From 29-Year-Old Squid Proxy Bug

CVE-2026-47729 exposes a heap over-read in Squid's FTP parser that leaks HTTP authorization headers and cookies. The bug dates to 1997.

Marcus Chen

A heap over-read vulnerability in Squid Proxy's FTP directory-listing parser has been leaking user credentials and session tokens for nearly three decades. Security researchers at Calif.io named the flaw Squidbleed after Heartbleed due to its similar memory-leaking behavior.

The vulnerability, tracked as CVE-2026-47729, carries a CVSS score of 6.5. While moderate in severity, the flaw's longevity and the sensitive nature of leaked data make it a significant concern for organizations running shared proxy environments.

How Squidbleed Works

The bug traces back to a January 1997 commit that added support for the directory-listing format of NetWare FTP servers. The affected code skips whitespace in a listing line with a while loop whose termination test is a call to strchr(). That test is wrong at the end of the string: the C standard counts the terminating null as part of the string it searches, so strchr(set, '\0') returns a pointer to the set's own terminator rather than NULL, and the loop keeps advancing past the end of the line. An attacker-controlled FTP server triggers this by sending a listing line that ends immediately after the timestamp, with no filename: the parser skips the trailing whitespace, reaches the null terminator, and does not stop.

This causes Squid to read beyond the allocated buffer into heap memory containing fragments of previously processed requests. An attacker who can get Squid to fetch a directory listing from their FTP server extracts whatever data remains in those memory locations—including HTTP Authorization headers, cookies, and session tokens from other users sharing the same proxy instance.
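To make the strchr() quirk concrete, the following is an added illustration written for this article; it is not Squid's code and does not reproduce FtpGateway.cc. The listing line, the stale request bytes placed after it to stand in for a neighbouring heap allocation, the separator set WS, the region_end bound (present only so the demo cannot run off its own array) and the function names are all constructed for the demo.

```c
/* Added illustration (not Squid's code): a whitespace-skip loop whose
 * termination test is strchr(), beside a hardened version that checks
 * for the terminating NUL first. */
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Characters the listing parser treats as field separators (assumed set). */
static const char WS[] = " \t";

/* Constructed stand-in for a heap region: a listing line that ends right
 * after the timestamp (no filename), its NUL terminator, and then stale
 * bytes from an earlier HTTP request that happen to sit next to it. */
static const char HEAP[] =
    "-rw-r--r-- 1 ftp ftp 0 Jan 01 1997 \0"
    "Authorization: Basic dXNlcjpwYXNz\r\nCookie: session=abc123";

/* Vulnerable skip: strchr(WS, '\0') returns a pointer to WS's own
 * terminator (the C standard counts the NUL as part of the string), so
 * the loop does not stop at the end of the line and walks into the stale
 * bytes. region_end is a demo-only guard so we never leave HEAP itself;
 * a real parser has no such bound. */
size_t skip_ws_vulnerable(const char *buf, size_t pos, size_t region_end)
{
    while (pos < region_end && strchr(WS, buf[pos]) != NULL)
        pos++;
    return pos;
}

/* Hardened skip: test for the terminator before asking strchr(). */
size_t skip_ws_fixed(const char *buf, size_t pos)
{
    while (buf[pos] != '\0' && strchr(WS, buf[pos]) != NULL)
        pos++;
    return pos;
}

/* What a listing parser would emit as the "filename" field that follows
 * the timestamp. ts_end is the index just after the timestamp. Returns
 * NULL when the line genuinely has no filename. */
const char *filename_after_timestamp(const char *buf, size_t ts_end,
                                     size_t region_end, int hardened)
{
    size_t p = hardened ? skip_ws_fixed(buf, ts_end)
                        : skip_ws_vulnerable(buf, ts_end, region_end);
    return buf[p] == '\0' ? NULL : buf + p;
}

int main(void)
{
    /* The line's NUL sits at strlen(HEAP); the trailing space is one before. */
    size_t ts_end = strlen(HEAP) - 1;
    const char *leak = filename_after_timestamp(HEAP, ts_end, sizeof HEAP, 0);
    const char *safe = filename_after_timestamp(HEAP, ts_end, sizeof HEAP, 1);

    printf("vulnerable parser emits: %s\n", leak ? leak : "(nothing)");
    printf("hardened parser emits:   %s\n", safe ? safe : "(nothing)");
    return 0;
}
```

Run as written, the vulnerable path returns a pointer into the stale request bytes, so the "filename" the parser would render is the neighbouring Authorization header and cookie; the hardened path returns NULL because it stops at the line's own terminator. The only difference between the two loops is the explicit `!= '\0'` test, which is the kind of guard the patch section below tells administrators to look for.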

The attack requires two conditions: the attacker must be able to send requests through the proxy as a permitted client, and the proxy must be allowed to reach FTP servers on port 21. Both hold in most Squid deployments by default; Squid's stock configuration lists port 21 among its Safe_ports, so a default install satisfies the second condition without any operator action.

Scope of Exposure

Squidbleed primarily threatens cleartext HTTP traffic. HTTPS connections proxied via CONNECT tunnels remain protected since Squid handles them as opaque byte streams without inspecting headers. However, environments that terminate TLS at the proxy layer for inspection purposes expose all traffic to potential leakage.

The vulnerability poses the greatest risk in shared proxy environments, such as corporate networks, educational institutions, and public WiFi hotspots, where many users route traffic through a single Squid instance. Any client permitted to use the proxy can trigger the over-read repeatedly, each time harvesting fragments of other users' recent requests, so one attacker on the shared infrastructure can collect credentials from every user who sends cleartext HTTP through it.

Organizations running Fortinet devices should note the similar credential exposure risk from the FortiBleed campaign disclosed last week, which harvested over 73,000 VPN credentials through different means.

Patching Complications

The fix has been merged into Squid's development branch since April and the v7 branch in May, but version confusion has complicated remediation efforts. Initial reports claimed Squid 7.6 contained the fix, but the actual patch ships in version 7.7.

Researchers recommend verifying that the null-terminator guard is present in FtpGateway.cc rather than relying solely on version numbers. The guard is an explicit check for the end of the input string that makes the whitespace-skipping loop stop at the terminating null instead of reading past it. Version confusion around patch status has caused problems in other critical vulnerability disclosures, where administrators assumed they were protected but weren't.

For organizations unable to patch immediately, the cleanest mitigation is disabling Squid's FTP gateway entirely: deny ftp:// requests in the access policy, for example by removing port 21 from the Safe_ports ACL or by matching the FTP protocol with a proto ACL and denying it in http_access, and confirm with a test request that the proxy refuses to fetch an FTP URL. Modern browsers dropped FTP support years ago, and most enterprise networks carry negligible FTP traffic, so removing the attack surface eliminates the vulnerability without waiting for patched builds.

Why This Matters

Squidbleed demonstrates how deeply buried parser bugs can survive decades of code reviews, security audits, and production deployments. The researchers noted that AI-assisted code analysis caught the strchr() quirk that human reviewers missed for 29 years—a trend we're seeing across vulnerability discovery, including OpenAI's expanded Daybreak initiative for automated vulnerability detection.

The flaw also highlights the ongoing risk from legacy protocol handlers in modern software. FTP represents a dying protocol, but its parsing code ships enabled by default in one of the internet's most widely deployed proxy servers. Organizations should audit which legacy features remain active in their network infrastructure and disable anything not explicitly required.

Administrators running Squid in shared environments should prioritize patching to version 7.7 or disabling FTP gateway functionality while coordinating the upgrade. Any users who accessed the proxy over cleartext HTTP during the exposure window should rotate affected credentials. Organizations can track breaking vulnerability news across our hacking news coverage for timely alerts on issues like this.
