Squid Remote NTLM Authentication Password Handling Remote Overflow

High Log Correlation Engine Plugin ID 801046


The remote host is vulnerable to a buffer overflow.


The remote server is running a Squid proxy server. This version is reported vulnerable to a remote buffer overflow in the NTLM authentication routine. Exploitation of this vulnerability can allow remote attackers to gain access to confidential data.


Upgrade or patch according to vendor recommendations.

See Also



Plugin Details

Severity: High

ID: 801046

File Name: 801046.prm

Family: Web Servers

Nessus ID: 12294

Risk Information

Risk Factor: High


Base Score: 2.1

Temporal Score: 1.7

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Exploitable With

Metasploit (Squid NTLM Authenticate Overflow)

Reference Information

CVE: CVE-2004-0541

BID: 10500