Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password (pass variable).
Name | Vendor | Start Version | End Version |
---|---|---|---|
Squid_web_proxy_cache | National_science_foundation | 2.5_stable (including) | 2.5_stable (including) |
Squid_web_proxy_cache | National_science_foundation | 3_pre (including) | 3_pre (including) |
Red Hat Enterprise Linux 3 | RedHat | squid-7:2.5.STABLE3-6.3E | * |
Squid | Ubuntu | dapper | * |
Squid | Ubuntu | devel | * |
Squid | Ubuntu | edgy | * |
Squid | Ubuntu | feisty | * |