|
Squid Proxy NTLM Fakeauth_Auth Memory Leak Remote Denial Of Service Vulnerability
Squid is reported to be susceptible to a denial-of-service vulnerability in its NTLM authentication module. This vulnerability presents itself when an attacker sends unspecified NTLM data to Squid. The issue is caused by a memory leak -- memory allocated to store a base64-decoded string is not freed. Presumably, this issue allows an attacker to cause the NTLM helper application to run out of memory and fail. |
|
|
Privacy Statement |
