Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may write to memory outside the credentials buffer. On systems with memory access protections, this can result in the helper process being terminated unexpectedly. This leads to the Squid process also terminating and a denial of service for all clients using the proxy.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Squid 输入验证错误漏洞
Vulnerability Description
Squid是一套代理服务器和Web缓存服务器软件。该软件提供缓存万维网、过滤流量、代理上网等功能。 Squid 4.1.0之前版本中的ext_lm_group_acl二进制文件的NTLM身份验证凭据解析器存在输入验证错误漏洞。远程攻击者可借助特制请求利用该漏洞导致程序进程意外终止(拒绝服务)。
CVSS Information
N/A
Vulnerability Type
N/A