WCCP security issue

["mickael kael" <mickael.kael () gmail com>]

Hello all,

Does anyone is aware about WCCP design vulnerability ?. I am wondering
if it is possible to send bad WCCP response to a router  for bypassing
proxy check ?

> From cisco :
"Web Cache Packet Return

If a cache engine is unable to provide a requested object it has
cached due to error or overload, the cache engine will return the
request to the router for onward transmission to the originally
specified destination server. WCCPv2 provides a check on packets that
determines which requests have been returned from the cache engine
unserviced. Using this information, the router can then forward the
request to the originally targeted server (rather than attempting to
resend the request to the cache cluster). This provides error handling
transparency to clients."

Thanks in advance for your information,

Best regards,

Mk,