diff options
author | pav <pav@FreeBSD.org> | 2005-09-16 04:14:26 +0800 |
---|---|---|
committer | pav <pav@FreeBSD.org> | 2005-09-16 04:14:26 +0800 |
commit | 4084129b05fd5318e75f5af39d4dd02b394e45c3 (patch) | |
tree | d3288d8c6c0732936a929a7d7aceaec3b7e3b23c /security/vuxml | |
parent | 06a26c13ee536f363350881f4a9c096aa1cb06b8 (diff) | |
download | freebsd-ports-gnome-4084129b05fd5318e75f5af39d4dd02b394e45c3.tar.gz freebsd-ports-gnome-4084129b05fd5318e75f5af39d4dd02b394e45c3.tar.zst freebsd-ports-gnome-4084129b05fd5318e75f5af39d4dd02b394e45c3.zip |
- Add an entry on possible DOS condition regarding NTLM in squid
PR: ports/86179
Submitted by: Thomas-Martin Seck <tmseck@netcologne.de>
Diffstat (limited to 'security/vuxml')
-rw-r--r-- | security/vuxml/vuln.xml | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index df3115e607fb..29b46a26657e 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -21126,4 +21126,32 @@ misc.c: <entry>2005-07-30</entry> </dates> </vuln> + + <vuln vid="44e7764c-2614-11da-9e1e-c296ac722cb3"> + <topic>squid -- possible denial of service condition regarding NTLM authentication</topic> + <affects> + <package> + <name>squid</name> + <range><lt>2.5.10_6</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The squid patches page notes:</p> + <blockquote cite="http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-NTLM-scheme_assert"> + <p>Squid may crash with the above error [FATAL: Incorrect scheme in auth header] when given certain request sentences.</p> + <p>Workaround: disable NTLM authentication.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CAN-2005-2917</cvename> + <url>http://www.squid-cache.org/bugs/show_bug.cgi?id=1391</url> + <url>http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-NTLM-scheme_assert</url> + </references> + <dates> + <discovery>2005-09-12</discovery> + <entry>2005-09-15</entry> + </dates> + </vuln> </vuxml> |