New Search

The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier with NTLM authentication enabled allow remote attackers to cause a denial of service (application crash) via an NTLMSSP packet that causes a negative value to be passed to memcpy.

oval:org.mitre.oval:def:10489

The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier with NTLM authentication enabled allow remote attackers to cause a denial of service (application crash) via an NTLMSSP packet that causes a negative value to be passed to memcpy.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 3
  • CentOS Linux 3
Class:
vulnerability
Reference(s):
  • CVE-2004-0832
Product(s):