CVE-2004-0541
EPSS 77.0%
Description
Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass" variable).
How to fix CVE-2004-0541
To remediate CVE-2004-0541, upgrade the affected package to a fixed version below.
- Debian/squid—upgrade to 2.5.5-5 or later
Is CVE-2004-0541 being exploited?
Likely — EPSS is 77.0%, placing CVE-2004-0541 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.
Affected packages (1)
- from 0, < 2.5.5-5