[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Squid Proxy NTLM Authentication Buffer Overflow Vulnerability



On Thu, Jul 01, 2004 at 11:52:30AM +0100, Eduardo Costa wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> http://www.securityfocus.com/bid/10500
> 
> Why, in Debian 3.0, the updates for this vulnerability, they did not
> to leave?

Woody is apparently not affected. See for example
 http://www.nl.debian.org/security/nonvulns-woody

 | CAN-2004-0541: squid: Buffer overflow in the ntlm_check_auth (NTLM
 | authentication) function (NTLM auth is not compiled in in woody)


Cheers,
Max

-- 
308E81E7B97963BCA0E6ED889D5BD511B7CDA2DC



Reply to: