Lucene search

K

RedosROS-20230317-02

HistoryMar 17, 2023 - 12:00 a.m.

ROS-20230317-02

2023-03-1700:00:00

redos.red-soft.ru

8

squid

vulnerability

bug

libntlmauth

remote disclosure

denial of service

integer overflow

unix

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

41.5%

Squid vulnerability related to a bug in libntlmauth due to improper integer overflow protection
integer overflow protection in Squid SSPI and SMB authentication helpers. Exploitation of the vulnerability could allow an attacker,
acting remotely to disclose information or cause a denial of service.

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64squid<= 5.5-3UNKNOWN

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

41.5%

Related for ROS-20230317-02