Test ID:	1.3.6.1.4.1.25623.1.0.12294
Category:	Gain a shell remotely
Title:	Squid Remote NTLM auth buffer overflow
Summary:	NOSUMMARY
Description:	Description: The remote server is vulnerable to a remote buffer overflow in the NTLM authentication routine. Exploitation of this bug can allow remote attackers to gain access to confidential data. Squid 2.5*-STABLE and 3.*-PRE are reported vulnerable. See also: http://www.squid-cache.org Solution: apply the relevant patch from http://www.squid-cache.org/~ wessels/patch/libntlmssp.c.patch Risk factor : High
Cross-Ref:	BugTraq ID: 10500 Common Vulnerability Exposure (CVE) ID: CVE-2004-0541 http://www.securityfocus.com/bid/10500 http://fedoranews.org/updates/FEDORA--.shtml http://www.gentoo.org/security/en/glsa/glsa-200406-13.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:059 http://www.idefense.com/application/poi/display?id=107&type=vulnerabilities https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10722 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A980 http://www.redhat.com/support/errata/RHSA-2004-242.html SGI Security Advisory: 20040604-01-U ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc SuSE Security Announcement: SuSE-SA:2004:016 (Google Search) http://www.trustix.net/errata/2004/0033/ XForce ISS Database: squid-ntlm-bo(16360) https://exchange.xforce.ibmcloud.com/vulnerabilities/16360
Copyright	This script is Copyright (C) 2004 Tenable Network Security

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.