Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Squid < 2.5.STABLE6 NTLM Buffer Overflow

Critical

Synopsis

The remote proxy server is affected by a buffer overflow.

Description

The remote server is running a Squid proxy server. This version is reported vulnerable to a remote buffer overflow in the NTLM authentication routine. If the client sends an overly long password or domain name, a buffer is overflowed on the server. This may result in the execution of arbitrary code on the Squid proxy server.

Solution

Upgrade to Squid version 2.5.STABLE6 or later, or apply the vendor-supplied patch.