| VID |
22375 |
| Severity |
30 |
| Port |
8080,3128 |
| Protocol |
TCP |
| Class |
Webproxy |
| Detailed Description |
The relevant host is running a version of Squid caching proxy which is older or as old as than 2.5.STABLE10. Squid is a freely available Web Proxy server for Linux and Unix distributions. Squid Web Proxy Cache version 2.5.STABLE10 and earlier versions are vulnerable to a denial of service attack, caused due to an error in handling changes in the authentication scheme when NTLM authentication is used. A remote attacker can exploit this vulnerability to stop the affected application, thereby denying access to legitimate users.
* Note: This check solely relied on the banner of the remote Squid Web Proxy Cache server to assess this vulnerability, so this might be a false positive.
* References:
http://www.squid-cache.org/bugs/show_bug.cgi?id=1391
http://secunia.com/advisories/16992
* Platforms Affected:
National Science Foundation, Squid Web Proxy Cache version 2.5.STABLE10 and earlier versions
Linux Any version
Unix Any version |
| Recommendation |
Apply the 2.5.STABLE10-NTLM-scheme_assert-3 patch, available from the Squid 2.5 Patches Web page at squid-2.5.STABLE10-NTLM-scheme_assert-3.patch |
| Related URL |
CVE-2005-2917 (CVE) |
| Related URL |
14977 (SecurityFocus) |
| Related URL |
(ISS) |
|
