Squid Crafted NTLM Authentication Header DoS
Medium Nessus Plugin ID 20010
SynopsisThe remote web proxy server is prone to denial of service attacks.
DescriptionThe version of Squid, an open source web proxy cache, installed on the remote host will abort if it receives a specially crafted NTLM challenge packet. A remote attacker can exploit this issue to stop the affected application, thereby denying access to legitimate users.
SolutionApply the patch referenced in the bug report or upgrade to Squid 2.5.STABLE11 or later.