Squid Crafted NTLM Authentication Header DoS

Medium Nessus Plugin ID 20010


The remote web proxy server is prone to denial of service attacks.


The version of Squid, an open source web proxy cache, installed on the remote host will abort if it receives a specially crafted NTLM challenge packet. A remote attacker can exploit this issue to stop the affected application, thereby denying access to legitimate users.


Apply the patch referenced in the bug report or upgrade to Squid 2.5.STABLE11 or later.

See Also


Plugin Details

Severity: Medium

ID: 20010

File Name: squid_ntlm_dos.nasl

Version: $Revision: 1.18 $

Type: remote

Family: Firewalls

Published: 2005/10/12

Modified: 2016/05/12

Dependencies: 10195

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:squid-cache:squid

Exploit Available: false

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2005/09/13

Reference Information

CVE: CVE-2005-2917

BID: 14977

OSVDB: 19607