Detections
Analytics
Squid < 2.5.STABLE7 NTLM Authentication DoS
high Nessus Network Monitor Plugin ID 2255
Synopsis
The remote proxy server is vulnerable to a Denial of Service (DoS) attack.Description
The remote server is running a Squid proxy server. This version is reported vulnerable to a remote denial of service in the NTLM authentication routine. If NTLM authentication is enabled, an attacker may deny service to legitimate users by sending malformed NTLMSSP packets.Solution
Upgrade to Squid version 2.5.STABLE7 or later, or apply the vendor-supplied patch.See Also
http://www.squid-cache.org/Versions/v2/2.5/bugs
https://exchange.xforce.ibmcloud.com/vulnerabilities/17218
http://www.squid-cache.org/squid/Versions/v2/2.5/bugs/squid-2.5.STABLE6-ntlm_fetch_string.patch
Plugin Details
Severity: High
ID: 2255
Family: Web Servers
Published: 9/4/2004
Updated: 3/6/2019
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: High
Base Score: 7.8
Temporal Score: 5.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:X
Vulnerability Information
CPE: cpe:/a:squid-cache:squid
Patch Publication Date: 6/9/2004
Vulnerability Publication Date: 6/9/2004
Reference Information
CVE: CVE-2004-0832
BID: 11098