Test Kennung:	1.3.6.1.4.1.25623.1.0.54290
Kategorie:	Trustix Local Security Checks
Titel:	Trustix Security Advisory TSLSA-2004-0033 (squid)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory TSLSA-2004-0033. Remote exploitation of a buffer overflow vulnerability in Squid Web Proxy Cache could allow a remote attacker to execute arbitrary code. Squid Web Proxy Cache supports Basic, Digest and NTLM authentication. The vulnerability specifically exists within the NTLM authentication helper routine, ntlm_check_auth(), located in helpers/ntlm_auth/SMB/libntlmssp.c The function contains a buffer overflow vulnerability due to a lack of bounds checking on the values copied to the 'pass' variable. Both the 'tmp.str' and 'tmp.l' variables used in the memcpy() call contain user-supplied data. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2004-0033 Risk factor : High
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.