CVE-2002-0713

Name of the Vulnerable Software and Affected Versions Squid versions prior to 2.4.STABLE6

Description The issue is related to buffer overflows that can cause a denial of service (crash) and potentially allow the execution of arbitrary code. This can occur through the MSNT auth helper when using denyusers or allowusers files, via the gopher client, or via the FTP server directory listing parser when HTML output is generated.

Recommendations For Squid versions prior to 2.4.STABLE6, update to version 2.4.STABLE6 or later to resolve the issue. As a temporary workaround, consider restricting access to the MSNT auth helper, gopher client, and FTP server directory listing parser to minimize the risk of exploitation.