CVE-2004-0832
published 2004-11-03CVE-2004-0832: The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier, with NTLM authentication enabled, allow remote attackers to cause a…
PriorityP419medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
10.66%
95.2th percentile
The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier, with NTLM authentication enabled, allow remote attackers to cause a denial of service (application crash) via an NTLMSSP packet that causes a negative value to be passed to memcpy.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | squid | < squid 2.5.6-8 (bookworm) | squid 2.5.6-8 (bookworm) |
| squid | squid | <= 2.5.6 | — |
| squid | squid | >= 0 < 2.5.6-8 | 2.5.6-8 |
| squid | squid | >= 0 < 2.5.6-8 | 2.5.6-8 |
| squid | squid | >= 0 < 2.5.6-8 | 2.5.6-8 |
| squid | squid | >= 0 < 2.5.6-8 | 2.5.6-8 |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0MEDIUM
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
squid vulnerabilities
vendor_ubuntu·2004-11-07
CVE-2004-0832 squid vulnerabilities
Title: squid vulnerabilities
Summary: squid vulnerabilities
Recently, two Denial of Service vulnerabilities have been discovered
in squid, a WWW proxy cache. Insufficient input validation in the NTLM
authentication handler allowed a remote attacker to crash the service
by sending a specially crafted NTLMSSP packet. Likewise, due to an
insufficient validation of ASN.1 headers, a remote attacker could
restart the server (causing all open connections to be dropped) by
sending certain SNMP packets with negative length fields.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
security flaw
vendor_redhat·2004-08-18·CVSS 5.0
CVE-2004-0832 [MEDIUM] security flaw
security flaw
The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier, with NTLM authentication enabled, allow remote attackers to cause a denial of service (application crash) via an NTLMSSP packet that causes a negative value to be passed to memcpy.
Debian
CVE-2004-0832: squid - The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and e...
vendor_debian·2004·CVSS 5.0
CVE-2004-0832 [MEDIUM] CVE-2004-0832: squid - The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and e...
The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier, with NTLM authentication enabled, allow remote attackers to cause a denial of service (application crash) via an NTLMSSP packet that causes a negative value to be passed to memcpy.
Scope: local
bookworm: resolved (fixed in 2.5.6-8)
bullseye: resolved (fixed in 2.5.6-8)
forky: resolved (fixed in 2.5.6-8)
sid: resolved (fixed in 2.5.6-8)
trixie: resolved (fixed in 2.5.6-8)
GHSA
GHSA-8v38-vrv4-372w: The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2
ghsa_unreviewed·2022-04-29
CVE-2004-0832 [MEDIUM] GHSA-8v38-vrv4-372w: The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2
The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier, with NTLM authentication enabled, allow remote attackers to cause a denial of service (application crash) via an NTLMSSP packet that causes a negative value to be passed to memcpy.
OSV
CVE-2004-0832: The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2
osv·2004-11-03·CVSS 5.0
CVE-2004-0832 [MEDIUM] CVE-2004-0832: The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2
The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier, with NTLM authentication enabled, allow remote attackers to cause a denial of service (application crash) via an NTLMSSP packet that causes a negative value to be passed to memcpy.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2004-0832 security flaw
bugzilla·2018-08-16·CVSS 5.0
CVE-2004-0832 [MEDIUM] CVE-2004-0832 security flaw
CVE-2004-0832 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
The (1) ntlm_fetch_string and (2) ntlm_get_string functions in Squid 2.5.6 and earlier, with NTLM authentication enabled, allow remote attackers to cause a denial of service (application crash) via an NTLMSSP packet that causes a negative value to be passed to memcpy.
Bugzilla
Squid Multiple Vulnerabilities (CVE-2004-0541 CVE-2004-0832 CVE-2004-0918 CVE-2005-0094 CVE-2005-0095 CVE-2005-0096 CVE-2005-0097 CVE-2005-0446 CVE-2005-0626 CVE-2005-0718 CVE-1999-0710 CVE-2005-1345
bugzilla·2004-10-11·CVSS 7.5
CVE-2004-0541 [HIGH] Squid Multiple Vulnerabilities (CVE-2004-0541 CVE-2004-0832 CVE-2004-0918 CVE-2005-0094 CVE-2005-0095 CVE-2005-0096 CVE-2005-0097 CVE-2005-0446 CVE-2005-0626 CVE-2005-0718 CVE-1999-0710 CVE-2005-1345
Squid Multiple Vulnerabilities (CVE-2004-0541 CVE-2004-0832 CVE-2004-0918 CVE-2005-0094 CVE-2005-0095 CVE-2005-0096 CVE-2005-0097 CVE-2005-0446 CVE-2005-0626 CVE-2005-0718 CVE-1999-0710 CVE-2005-1345 CVE-2005-1519 CVE-2004-2479 CVE-2005-2794 CVE-2005-...
iDEFENSE reported on 2004-10-11 a vulnerability in the squid SNMP
module. This issue could lead to a potential DOS (it will restart
the server, dropping all open connections).
http://www.idefense.com/application/poi/display?id=152&type=vulnerabilities
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=135320
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=135319
------- Additional Comments From [email protected] 2004-10-11 19:30:05 ----
Patch available here:
http://www1.uk.squid-cache.org/squid/Versions/v2/2
http://fedoranews.org/updates/FEDORA--.shtmlhttp://www.gentoo.org/security/en/glsa/glsa-200409-04.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2004:093http://www.securityfocus.com/bid/11098http://www.squid-cache.org/bugs/show_bug.cgi?id=1045http://www.trustix.org/errata/2004/0047/http://www1.uk.squid-cache.org/squid/Versions/v2/2.5/bugs/#squid-2.5.STABLE6-ntlm_fetch_stringhttps://exchange.xforce.ibmcloud.com/vulnerabilities/17218https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10489http://fedoranews.org/updates/FEDORA--.shtmlhttp://www.gentoo.org/security/en/glsa/glsa-200409-04.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2004:093http://www.securityfocus.com/bid/11098http://www.squid-cache.org/bugs/show_bug.cgi?id=1045http://www.trustix.org/errata/2004/0047/http://www1.uk.squid-cache.org/squid/Versions/v2/2.5/bugs/#squid-2.5.STABLE6-ntlm_fetch_stringhttps://exchange.xforce.ibmcloud.com/vulnerabilities/17218https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10489
2004-11-03
Published