Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-200409-04
HistorySep 02, 2004 - 12:00 a.m.

Squid: Denial of service when using NTLM authentication

2004-09-0200:00:00
Gentoo Foundation
security.gentoo.org
14

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.036 Low

EPSS

Percentile

91.5%

JSON

Background

Squid is a full-featured Web Proxy Cache designed to run on Unix systems. It supports proxying and caching of HTTP, FTP, and other URLs, as well as SSL support, cache hierarchies, transparent caching, access control lists and many other features.

Description

Squid 2.5.x versions contain a bug in the functions ntlm_fetch_string() and ntlm_get_string() which lack checking the int32_t offset “o” for negative values.

Impact

A remote attacker could cause a denial of service situation by sending certain malformed NTLMSSP packets if NTLM authentication is enabled.

Workaround

Disable NTLM authentication by removing any “auth_param ntlm program …” directives from squid.conf or use ntlm_auth from Samba-3.x.

Resolution

All Squid users should upgrade to the latest stable version:

 # emerge sync
 
 # emerge -pv ">=net-www/squid-2.5.6-r2"
 # emerge ">=net-www/squid-2.5.6-r2"
OSVersionArchitecturePackageVersionFilename
Gentooanyallnet-proxy/squid<= 2.5.6-r1UNKNOWN

Related

nessus 5
openvas 5
redhat 1
securityvulns 1
ubuntucve 1
cve 1
debiancve 1
freebsd 1
ubuntu 1
suse 3
nessus
nessus
RHEL 3 : squid (RHSA-2004:462)
2004-10-02 00:00:00
GLSA-200409-04 : Squid: Denial of service when using NTLM authentication
2004-09-03 00:00:00
FreeBSD : squid -- NTLM authentication denial-of-service vulnerability (064225c5-1f53-11d9-836a-0090962cff2a)
2005-07-13 00:00:00
openvas
openvas
FreeBSD Ports: squid
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200409-04 (squid)
2008-09-24 00:00:00
FreeBSD Ports: squid
2008-09-04 00:00:00
redhat
redhat
(RHSA-2004:462) squid security update
2004-09-30 00:00:00
securityvulns
securityvulns
MDKSA-2004:093 - Updated squid packages fix DoS vulnerability
2004-09-16 00:00:00
ubuntucve
ubuntucve
CVE-2004-0832
2004-11-03 00:00:00
cve
cve
CVE-2004-0832
2004-11-03 05:00:00
debiancve
debiancve
CVE-2004-0832
2004-11-03 05:00:00
freebsd
freebsd
squid -- NTLM authentication denial-of-service vulnerability
2004-08-18 00:00:00
ubuntu
ubuntu
squid vulnerabilities
2004-11-07 00:00:00
suse
suse
remote code execution in gtk2, gdk-pixbuf
2004-09-17 10:02:50
remote command execution in XFree86-libs, xshared
2004-09-17 13:37:17
remote denial-of-service in apache2
2004-09-15 15:46:39

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.036 Low

EPSS

Percentile

91.5%

JSON
Related for GLSA-200409-04
nessus5openvas5redhat1securityvulns1ubuntucve1cve1debiancve1freebsd1ubuntu1suse3