virus logo Client Application Firewall

Squid.NTLM.Authentication.Remote.Buffer.Overflow

description-logoDescription

This indicates a possible attempt to exploit a Buffer Overflow vulnerability in the Squid Web Proxy Cache NTLM authentication function.
The vulnerability, which is in "ntlm_check_auth", may allow an attacker to execute arbitrary code on a vulnerable system via a long password.

affected-products-logoAffected Products

Squid Web Proxy Cache 2.5 .STABLE5
+ Conectiva Linux 10.0
+ Conectiva Linux 9.0
+ S.u.S.E. Linux Personal 9.1 x86_64
+ S.u.S.E. Linux Personal 9.1
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Squid Web Proxy Cache 2.5 .STABLE4
+ MandrakeSoft Corporate Server 3.0
+ MandrakeSoft Linux Mandrake 10.0 AMD64
+ MandrakeSoft Linux Mandrake 10.0
+ OpenPKG OpenPKG 2.0
+ OpenPKG OpenPKG Current
Squid Web Proxy Cache 2.5 .STABLE3
+ MandrakeSoft Linux Mandrake 9.2 amd64
+ MandrakeSoft Linux Mandrake 9.2
+ OpenPKG OpenPKG 1.3
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux WS 3
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux AS 3
+ RedHat Fedora Core1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
Squid Web Proxy Cache 2.5 .STABLE1
+ MandrakeSoft Linux Mandrake 9.1 ppc
+ MandrakeSoft Linux Mandrake 9.1
+ S.u.S.E. Linux Personal 8.2
Squid Web Proxy Cache 2.4 .STABLE7
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Multi Network Firewall 2.0
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux AS 2.1 IA64
+ RedHat Enterprise Linux AS 2.1
+ RedHat Linux Advanced Work Station 2.1
Squid Web Proxy Cache 2.4
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
Squid Web Proxy Cache 2.3 .STABLE5
Squid Web Proxy Cache 2.1 PATCH2
Squid Web Proxy Cache 2.0 PATCH2
SGI ProPack 3.0
RedHat Linux 9.0 i386
RedHat Linux 7.3 i386
RedHat Fedora Core2
RedHat Fedora Core1

Impact logoImpact

System Compromise: Remote code execution.

recomended-action-logoRecommended Actions

Apply the vendor provided patch:

Version Updates

Date Version Detail
2022-02-22 19.263