aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorjosef <josef@FreeBSD.org>2004-10-19 04:21:39 +0800
committerjosef <josef@FreeBSD.org>2004-10-19 04:21:39 +0800
commitabc533dd640e99ae8b8fa4cf0374084962cd8ae5 (patch)
tree5ef672762530640fd4ec961ce279a8b9fcef2944 /security
parent7934dacd8e7e31d3d3a571b8a1d5b5d7bbae776c (diff)
downloadfreebsd-ports-gnome-abc533dd640e99ae8b8fa4cf0374084962cd8ae5.tar.gz
freebsd-ports-gnome-abc533dd640e99ae8b8fa4cf0374084962cd8ae5.tar.zst
freebsd-ports-gnome-abc533dd640e99ae8b8fa4cf0374084962cd8ae5.zip
Document NTLM authentication vulnerability in squid
Approved by: nectar
Diffstat (limited to 'security')
-rw-r--r--security/vuxml/vuln.xml26
1 files changed, 26 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 941c4621d92b..1609d3169bf8 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -32,6 +32,32 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="064225c5-1f53-11d9-836a-0090962cff2a">
+ <topic>squid -- NTLM authentication denial-of-service vulnerability</topic>
+ <affects>
+ <package>
+ <name>squid</name>
+ <range><lt>2.5.7</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>A remote attacker is able to cause a denial-of-service
+ situation, when NTLM authentication is enabled in squid.
+ NTLM authentication uses two functions which lack correct
+ offset checking.</p>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2004-0832</cvename>
+ <url>http://www.squid-cache.org/bugs/show_bug.cgi?id=1045</url>
+ </references>
+ <dates>
+ <discovery>2004-08-18</discovery>
+ <entry>2004-08-16</entry>
+ </dates>
+ </vuln>
+
<vuln vid="ca543e06-207a-11d9-814e-0001020eed82">
<topic>cacti -- SQL injection</topic>
<affects>
generated by cgit (git 2.34.1) at 2024-11-05 22:45:51 +0800