This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing a security update.
A vulnerability exists in squid's NTLM authentication helper. This
buffer overflow can be exploited by a remote attacker by sending an
overly long password, thus overflowing the buffer and granting the
ability to execute arbitrary code. This can only be exploited,
however, if NTLM authentication is used. NTLM authentication is built
by default in Mandrakelinux packages, but is not enabled in the
The vulnerability exists in 2.5.*-STABLE and 3.*-PRE. The provided
packages are patched to fix this problem.
See also :
Update the affected squid package.
Risk factor :
Critical / CVSS Base Score : 10.0
Public Exploit Available : true