Saulius Lapinskas from Lithuanian State Social Insurance Fund Board
discovered that Squid3, a fully featured web proxy cache, does not
properly process responses to If-None-Modified HTTP conditional
requests, leading to client-specific Cookie data being leaked to other
clients. A remote attacker can take advantage of this flaw to discover
private and sensitive information about another clients browsing
session.