CVE-2005-0097

Name of the Vulnerable Software and Affected Versions Squid versions 2.5.STABLE7 and earlier

Description The issue allows remote attackers to cause a denial of service, resulting in a crash, by sending a malformed NTLM type 3 message. This message triggers a NULL dereference in the NTLM component.

Recommendations For Squid versions 2.5.STABLE7 and earlier, consider disabling the NTLM component as a temporary workaround until a patch is available. Restrict access to the NTLM authentication module to minimize the risk of exploitation.