[squid-users] Squid Web Proxy Cache NTLM Authentication Helper Buffer Overflow Vulnerability

From: Mueller, Rex <rmueller@dont-contact.us>
Date: Thu, 10 Jun 2004 08:07:27 -0500

How do you patch squid to handle this vulnerability?

1. Squid Web Proxy Cache NTLM Authentication Helper Buffer Overflow
Vulnerability - Jun 9, 2004

Squid is a popular open source proxy server for POSIX platforms,
allowing for caching as well as content filtering. A remote attacker
can compromise a target system if Squid Proxy is configured to use the
NTLM authentication helper. The attacker can send an overly long
password to overflow the buffer and execute arbitrary code. iDEFENSE has
confirmed this vulnerability in Squid-Proxy 2.5.*-STABLE and 3.*-PRE
when Squid-Proxy is compiled with the NTLM helper enabled.

To get community support and perspective on this issue click here:
http://dsb.igxglobal.com/modules.php?name=Forums&file=viewforum&f=2

=============================================
Rex Mueller - Systems and Security Engineer
ESU#3
6949 S 110th Street
LaVista, Nebraska 68128
rmueller at esu3 dot org
=============================================
Received on Thu Jun 10 2004 - 07:12:06 MDT
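
Added example, not part of the original post or of Squid itself: a small audit that checks the two conditions the advisory text names, an active NTLM helper in squid.conf and a version in the 2.5.*-STABLE or 3.*-PRE range. The helper paths, the sample config and the exact format of the `squid -v` version line are assumptions made for illustration.

```python
import re

# Version ranges the advisory text lists as confirmed affected
# (2.5.*-STABLE and 3.*-PRE). The "Version ..." line format is an assumption.
AFFECTED = re.compile(r"Version\s+(2\.5\.STABLE\d+|3\.\d+[.-]PRE\d+)", re.I)

# Constructed sample squid.conf fragment; helper paths are hypothetical.
SAMPLE_CONF = """\
# constructed sample
#auth_param ntlm program /usr/lib/squid/old_helper
auth_param ntlm program /usr/lib/squid/ntlm_auth EXAMPLE/dc1
auth_param ntlm children 5
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
"""

# Constructed sample of `squid -v` output.
SAMPLE_VERSION = "Squid Cache: Version 2.5.STABLE5\nconfigure options: --enable-auth=ntlm"


def ntlm_helpers(conf_text):
    """Return (line_no, helper command) for each active
    'auth_param ntlm program ...' line. Lines whose first non-blank
    character is '#' are comments and are skipped."""
    found = []
    for no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if (len(parts) >= 4 and parts[0] == "auth_param"
                and parts[1].lower() == "ntlm" and parts[2] == "program"):
            found.append((no, " ".join(parts[3:])))
    return found


def affected_version(version_output):
    """Return the matched version string if it falls in a listed range."""
    m = AFFECTED.search(version_output)
    return m.group(1) if m else None


def exposed(conf_text, version_output):
    """True only when both advisory conditions hold."""
    return bool(ntlm_helpers(conf_text)) and affected_version(version_output) is not None


if __name__ == "__main__":
    for no, cmd in ntlm_helpers(SAMPLE_CONF):
        print(f"squid.conf line {no}: NTLM helper configured: {cmd}")
    print("affected version:", affected_version(SAMPLE_VERSION))
    print("needs attention:", exposed(SAMPLE_CONF, SAMPLE_VERSION))
```

On a real host, feed it the contents of the active squid.conf and the output of `squid -v`.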
