First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 53367
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Carsten Lohrke <carlo@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
jaervosz: ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 53367 depends on: Show dependency tree
Bug 53367 blocks:
Votes: 0    Show votes for this bug    Vote for this bug

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2004-06-08 17:50 0000 
Remote exploitation of a buffer overflow vulnerability in Squid Web
Proxy Cache could allow a remote attacker to execute arbitrary code.
Squid Web Proxy Cache supports Basic, Digest and NTLM authentication.
The vulnerability specifically exists within the NTLM authentication
helper routine, ntlm_check_auth(), located in
helpers/ntlm_auth/SMB/libntlmssp.c:

[...]

iDEFENSE has confirmed the existence of this vulnerability in
Squid-Proxy 2.5.*-STABLE and 3.*-PRE when Squid-Proxy is compiled with
the NTLM helper enabled.

http://www.idefense.com/application/poi/display?id=107&type=vulnerabilities&flashstatus=true

------- Comment #1 From Thierry Carrez (RETIRED) 2004-06-09 01:49:36 0000 ------- 
CAN-2004-0541
I think the default is not to use NTLM auth cache helper so I rated this as C1 rather than B1.

Andrew: could you apply the patch provided at :
http://www.squid-cache.org/~wessels/patch/libntlmssp.c.patch
and bump to 2.5.5-r2 ?

Please also confirm if default configuration files shipped in Gentoo enable the NTLM auth cache helper or not...

Thanks !

------- Comment #2 From Carsten Lohrke 2004-06-09 07:11:12 0000 ------- 
Right, it's compiled in, but not enabled by default.

------- Comment #3 From Andrew Bevitt 2004-06-11 07:12:10 0000 ------- 
OK fix now just gone into CVS...

------- Comment #4 From Sune Kloppenborg Jeppesen 2004-06-11 10:07:14 0000 ------- 
x86 ppc sparc alpha hppa ia64: please mark stable

------- Comment #5 From Bryan Østergaard (RETIRED) 2004-06-11 21:55:38 0000 ------- 
Stable on alpha.

------- Comment #6 From Guy Martin 2004-06-12 10:27:47 0000 ------- 
Stable on hppa.

------- Comment #7 From Jason Wever (RETIRED) 2004-06-12 16:21:40 0000 ------- 
Stable on sparc.

------- Comment #8 From Brandon Hale (RETIRED) 2004-06-15 19:11:37 0000 ------- 
Stable on x86.

------- Comment #9 From Sune Kloppenborg Jeppesen 2004-06-16 05:40:01 0000 ------- 
GLSA drafted: security please review

ppc please mark stable

Please remove old unneeded versions from portage.

ia64 also remember to mark stable.

------- Comment #10 From Daniel Ostrow 2004-06-16 13:00:09 0000 ------- 
Stable on ppc.

------- Comment #11 From Andrew Bevitt 2004-06-17 02:33:32 0000 ------- 
waiting for ia64 to mark stable

------- Comment #12 From Kurt Lieber 2004-06-17 05:16:07 0000 ------- 
glsa 200406-13
First Last Prev Next    No search results available      Search page      Enter new bug