oval:org.mitre.oval:def:980

Definition Id: oval:org.mitre.oval:def:980

Oval ID:	oval:org.mitre.oval:def:980
Title:	NTLM Authentication BO in Squid Web Proxy Cache
Description:	Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass" variable).
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0541	Version:	3
Platform(s):	Red Hat Enterprise Linux 3	Product(s):
Definition Synopsis:
Software section Red Hat Enterprise 3 is installed AND squid version is less than 2.5.STABLE3-6.3E AND Configuration section squid is listening on the network