aboutsummaryrefslogtreecommitdiffstats
path: root/security/vuxml
diff options
context:
space:
mode:
authorpav <pav@FreeBSD.org>2005-09-16 04:14:26 +0800
committerpav <pav@FreeBSD.org>2005-09-16 04:14:26 +0800
commit4084129b05fd5318e75f5af39d4dd02b394e45c3 (patch)
treed3288d8c6c0732936a929a7d7aceaec3b7e3b23c /security/vuxml
parent06a26c13ee536f363350881f4a9c096aa1cb06b8 (diff)
downloadfreebsd-ports-gnome-4084129b05fd5318e75f5af39d4dd02b394e45c3.tar.gz
freebsd-ports-gnome-4084129b05fd5318e75f5af39d4dd02b394e45c3.tar.zst
freebsd-ports-gnome-4084129b05fd5318e75f5af39d4dd02b394e45c3.zip
- Add an entry on possible DOS condition regarding NTLM in squid
PR: ports/86179 Submitted by: Thomas-Martin Seck <tmseck@netcologne.de>
Diffstat (limited to 'security/vuxml')
-rw-r--r--security/vuxml/vuln.xml28
1 files changed, 28 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index df3115e607fb..29b46a26657e 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -21126,4 +21126,32 @@ misc.c:
<entry>2005-07-30</entry>
</dates>
</vuln>
+
+ <vuln vid="44e7764c-2614-11da-9e1e-c296ac722cb3">
+ <topic>squid -- possible denial of service condition regarding NTLM authentication</topic>
+ <affects>
+ <package>
+ <name>squid</name>
+ <range><lt>2.5.10_6</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>The squid patches page notes:</p>
+ <blockquote cite="http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-NTLM-scheme_assert">
+ <p>Squid may crash with the above error [FATAL: Incorrect scheme in auth header] when given certain request sentences.</p>
+ <p>Workaround: disable NTLM authentication.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2005-2917</cvename>
+ <url>http://www.squid-cache.org/bugs/show_bug.cgi?id=1391</url>
+ <url>http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE10-NTLM-scheme_assert</url>
+ </references>
+ <dates>
+ <discovery>2005-09-12</discovery>
+ <entry>2005-09-15</entry>
+ </dates>
+ </vuln>
</vuxml>