CVE-2004-0541
CVE-2004-0541
Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass" variable).
Affected products
n/a · n/apublic PoCs found — 2
exploitdbwww.exploit-db.com/exploits/16847unverifiedexploitdbwww.exploit-db.com/exploits/9951unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.aschttp://fedoranews.org/updates/FEDORA--.shtmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/16360https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10722https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A980http://www.gentoo.org/security/en/glsa/glsa-200406-13.xmlhttp://www.idefense.com/application/poi/display?id=107&type=vulnerabilitieshttp://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:059http://www.redhat.com/support/errata/RHSA-2004-242.htmlhttp://www.securityfocus.com/bid/10500http://www.trustix.net/errata/2004/0033/