CVE-2022-41318

Name
CVE-2022-41318
Description
A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a client. This is fixed in 5.7.
NVD Severity
high
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://github.com/squid-cache/squid/security/advisories/GHSA-394c-rr7q-6g78
MISC http://www.squid-cache.org/Versions/v5/changesets/SQUID-2022_2.patch
MISC http://www.squid-cache.org/Versions/v4/changesets/SQUID-2022_2.patch
CONFIRM https://www.openwall.com/lists/oss-security/2022/09/23/2

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:* squid >= 2.5 < 5.7

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
squid 3.15-main 5.2-r1 Natanael Copa <ncopa@alpinelinux.org> fixed
squid 3.16-main 5.5-r1 Natanael Copa <ncopa@alpinelinux.org> fixed