CVE-2022-41318
Published 2022-12-25
Priority P3 · 50 · high · 8.6 CVSS 3.1
AV:N / AC:L / PR:N / UI:N / S:C / C:H / I:N / A:N
EPSS: 2.82% (84.8th percentile)
A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a client. This is fixed in 5.7.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | squid | < squid 5.7-1 (bookworm) | squid 5.7-1 (bookworm) |
| squid-cache | squid | >= 2.5 < 5.7 | 5.7 |
| squid | squid | >= 0 < 4.13-10+deb11u2 | 4.13-10+deb11u2 |
| squid | squid | >= 0 < 5.7-1 | 5.7-1 |
| squid | squid | >= 0 < 5.7-1 | 5.7-1 |
| squid | squid | >= 0 < 5.7-1 | 5.7-1 |
| squid | squid | >= 0 < 4.10-1ubuntu1.7 | 4.10-1ubuntu1.7 |
| squid | squid | >= 0 < 5.2-1ubuntu4.2 | 5.2-1ubuntu4.2 |
CVSS provenance
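| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.6 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N |
| osv | | 8.6 | HIGH | |
| vendor_debian | | 8.6 | HIGH | |
| vendor_redhat | | 8.6 | HIGH | |
| vendor_ubuntu | | 7.5 | HIGH | |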
Ubuntu
Squid vulnerabilities
vendor_ubuntu·2024-06-27·CVSS 7.5
CVE-2023-49286 [HIGH] Squid vulnerabilities
Title: Squid vulnerabilities
Summary: Several security issues were fixed in Squid.
Joshua Rogers discovered that Squid incorrectly handled requests with the
urn: scheme. A remote attacker could possibly use this issue to cause
Squid to consume resources, leading to a denial of service. This issue
only affected Ubuntu 16.04 LTS. (CVE-2021-28651)
It was discovered that Squid incorrectly handled SSPI and SMB
authentication. A remote attacker could use this issue to cause Squid to
crash, resulting in a denial of service, or possibly obtain sensitive
information. This issue only affected Ubuntu 16.04 LTS. (CVE-2022-41318)
Joshua Rogers discovered that Squid incorrectly handled HTTP message
processing. A remote attacker could possibly use this issue to cause
Squid to crash, resulting in a de
Ubuntu
Squid vulnerabilities
vendor_ubuntu·2022-09-26·CVSS 6.5
CVE-2022-41317 [MEDIUM] Squid vulnerabilities
Title: Squid vulnerabilities
Summary: Several security issues were fixed in Squid.
Mikhail Evdokimov discovered that Squid incorrectly handled cache manager
ACLs. A remote attacker could possibly use this issue to obtain sensitive
information. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04
LTS. (CVE-2022-41317)
It was discovered that Squid incorrectly handled SSPI and SMB
authentication. A remote attacker could use this issue to cause Squid to
crash, resulting in a denial of service, or possibly obtain sensitive
information. (CVE-2022-41318)
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
squid: buffer-over-read in SSPI and SMB authentication
vendor_redhat·2022-09-23·CVSS 8.6
CVE-2022-41318 [HIGH] CWE-126 squid: buffer-over-read in SSPI and SMB authentication
A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a client. This is fixed in 5.7.
A flaw was found in Squid. An incorrect integer overflow protection in the Squid SSPI and SMB authentication helpers is vulnerable to a buffer overflow attack, resulting in information disclosure.
Mitigation: Disable use of the vulnerable authentication scheme.
Package: squid (Red Hat Enterprise Linux 6) - Out of support scope
Package: squid34 (Red Hat Enterprise Linux 6) - Out of support scope
Debian
CVE-2022-41318: squid - A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due t...
vendor_debian·2022·CVSS 8.6
CVE-2022-41318 [HIGH] CVE-2022-41318: squid - A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due t...
A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a client. This is fixed in 5.7.
Scope: local
bookworm: resolved (fixed in 5.7-1)
bullseye: resolved (fixed in 4.13-10+deb11u2)
forky: resolved (fixed in 5.7-1)
sid: resolved (fixed in 5.7-1)
trixie: resolved (fixed in 5.7-1)
OSV
squid3 vulnerabilities
osv·2024-06-27·CVSS 7.5
CVE-2021-28651 [HIGH] squid3 vulnerabilities
Joshua Rogers discovered that Squid incorrectly handled requests with the
urn: scheme. A remote attacker could possibly use this issue to cause
Squid to consume resources, leading to a denial of service. This issue
only affected Ubuntu 16.04 LTS. (CVE-2021-28651)
It was discovered that Squid incorrectly handled SSPI and SMB
authentication. A remote attacker could use this issue to cause Squid to
crash, resulting in a denial of service, or possibly obtain sensitive
information. This issue only affected Ubuntu 16.04 LTS. (CVE-2022-41318)
Joshua Rogers discovered that Squid incorrectly handled HTTP message
processing. A remote attacker could possibly use this issue to cause
Squid to crash, resulting in a denial of service. (CVE-2023-49285)
Joshua Rogers discovered t
OSV
CVE-2022-41318: A buffer over-read was discovered in libntlmauth in Squid 2
osv·2022-12-25·CVSS 8.6
CVE-2022-41318 [HIGH] CVE-2022-41318: A buffer over-read was discovered in libntlmauth in Squid 2
A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a client. This is fixed in 5.7.
OSV
squid, squid3 vulnerabilities
osv·2022-09-26·CVSS 6.5
CVE-2022-41317 [MEDIUM] squid, squid3 vulnerabilities
Mikhail Evdokimov discovered that Squid incorrectly handled cache manager
ACLs. A remote attacker could possibly use this issue to obtain sensitive
information. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04
LTS. (CVE-2022-41317)
It was discovered that Squid incorrectly handled SSPI and SMB
authentication. A remote attacker could use this issue to cause Squid to
crash, resulting in a denial of service, or possibly obtain sensitive
information. (CVE-2022-41318)
No detection rules found.
No public exploits indexed.
http://www.squid-cache.org/Versions/v4/changesets/SQUID-2022_2.patch
http://www.squid-cache.org/Versions/v5/changesets/SQUID-2022_2.patch
https://github.com/squid-cache/squid/security/advisories/GHSA-394c-rr7q-6g78
https://www.openwall.com/lists/oss-security/2022/09/23/2
Published 2022-12-25