Squid NTLM Buffer Overflow Vulnerability

June 15, 2004 D. H. McKee

Off

Remote exploitation of a buffer overflow vulnerability in Squid Web Proxy Cache could allow a remote attacker to execute arbitrary code. Squid Web Proxy Cache supports Basic, Digest and NTLM authentication.

A remote attacker can compromise a target system if Squid Proxy is configured to use the NTLM authentication helper. The attacker can send an overly long password to overflow the buffer and execute arbitrary code.

http://seclists.org/lists/fulldisclosure/2004/Jun/0210.html

Comments are closed.

About This Site

As a guy who occasionally curates art shows and wrangles artists together, I often have to edit and post artist bios, profile pictures, and artwork images. This can be a problem, since many artists and writers aren’t used to selling themselves. Artists rarely know how to present their art for display in a brochure, and writers aren’t used to writing about themselves.

Writers often treat the bio like it’s an interview or something. Maybe like they’re having a conversation with you, the reader. While it may work sometimes, the most common way to write a bio is to write in the 3rd person.

I’m like those writers, and I’m talking to you directly, unlike the common way to do a bio. You should see my About page. It makes sense to me, since this is a bit which describes my blog’s website. When I get famous enough that I don’t have time to talk to you, I’ll have an intern write everything in 3rd person. Until then, you get to talk to me.

Like blogs of old, this one is a personal document of the comings and goings of me. Articles I’ve written, links I’ve posted, videos I liked, etc. Here, a first-person perspective is the way to go, at least for now. So, this is my site. I’m D. H. McKee, a sometimes artist, sometimes writer. Mostly just a guy on the internet.