cbcvebase.
CVE-2022-41318
published 2022-12-25

CVE-2022-41318: A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication…

PriorityP350high8.6CVSS 3.1
AVNACLPRNUINSCCHINAN
EPSS
2.82%
84.8th percentile
A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a client. This is fixed in 5.7.

Affected

8 ranges
VendorProductVersion rangeFixed in
debiansquid< squid 5.7-1 (bookworm)squid 5.7-1 (bookworm)
squid-cachesquid>= 2.5 < 5.75.7
squidsquid>= 0 < 4.13-10+deb11u24.13-10+deb11u2
squidsquid>= 0 < 5.7-15.7-1
squidsquid>= 0 < 5.7-15.7-1
squidsquid>= 0 < 5.7-15.7-1
squidsquid>= 0 < 4.10-1ubuntu1.74.10-1ubuntu1.7
squidsquid>= 0 < 5.2-1ubuntu4.25.2-1ubuntu4.2

CVSS provenance

nvdv3.18.6HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
osv8.6HIGH
vendor_debian8.6HIGH
vendor_redhat8.6HIGH
vendor_ubuntu7.5HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.