Squid is a feature-rich web-proxy with support for various web-related protocols. The NTLM authentication helper application of Squid is vulnerable to a buffer overflow that can be exploited remotely by using a long password to execute arbitrary code. NTLM authentication is enabled by default in the Squid package that is shipped by SUSE LINUX.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE | 9.0 | x86_64 | squid | < 2.5.STABLE3-110 | squid-2.5.STABLE3-110.x86_64.rpm |
openSUSE | 9.0 | i586 | squid | < 2.5.STABLE3-110 | squid-2.5.STABLE3-110.i586.rpm |
openSUSE | 8.0 | i386 | squid | < 2.4.STABLE6-9 | squid-2.4.STABLE6-9.i386.rpm |
openSUSE | 9.1 | i586 | squid | < 2.5.STABLE5-42.9 | squid-2.5.STABLE5-42.9.i586.rpm |
openSUSE | 9.1 | x86_64 | squid | < 2.5.STABLE5-42.9 | squid-2.5.STABLE5-42.9.x86_64.rpm |
openSUSE | 8.2 | i586 | squid | < 2.5.STABLE1-98 | squid-2.5.STABLE1-98.i586.rpm |