Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
CVE ID: | CVE-2004-0832 |
Description: | The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier, with NTLM authentication enabled, allow remote attackers to cause a denial of service (application crash) via an NTLMSSP packet that causes a negative value to be passed to memcpy. |
Test IDs: | 1.3.6.1.4.1.25623.1.0.50574 1.3.6.1.4.1.25623.1.0.54295 1.3.6.1.4.1.25623.1.0.51178 1.3.6.1.4.1.25623.1.0.52337 1.3.6.1.4.1.25623.1.0.52902 |
Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2004-0832 BugTraq ID: 11098 http://www.securityfocus.com/bid/11098 http://fedoranews.org/updates/FEDORA--.shtml http://www.gentoo.org/security/en/glsa/glsa-200409-04.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:093 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10489 http://www.trustix.org/errata/2004/0047/ XForce ISS Database: squid-ntlmssp-dos(17218) https://exchange.xforce.ibmcloud.com/vulnerabilities/17218 |