Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2004-0541
Description:Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass" variable).
Test IDs: 1.3.6.1.4.1.25623.1.0.50374   1.3.6.1.4.1.25623.1.0.12294   1.3.6.1.4.1.25623.1.0.54598   1.3.6.1.4.1.25623.1.0.50328   1.3.6.1.4.1.25623.1.0.50538   1.3.6.1.4.1.25623.1.0.52454   1.3.6.1.4.1.25623.1.0.51113  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2004-0541
BugTraq ID: 10500
http://www.securityfocus.com/bid/10500
http://fedoranews.org/updates/FEDORA--.shtml
http://www.gentoo.org/security/en/glsa/glsa-200406-13.xml
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:059
http://www.idefense.com/application/poi/display?id=107&type=vulnerabilities
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10722
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A980
RedHat Security Advisories: RHSA-2004:242
http://www.redhat.com/support/errata/RHSA-2004-242.html
SGI Security Advisory: 20040604-01-U
ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc
SuSE Security Announcement: SuSE-SA:2004:016 (Google Search)
http://www.trustix.net/errata/2004/0033/
XForce ISS Database: squid-ntlm-bo(16360)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16360




© 1998-2024 E-Soft Inc. All rights reserved.