
Aaron Costello

#36991 of 53,632
7.5 Total CVSS
Vulnerabilities · 1
PT-2020-2569
7.5
2020-02-04
Squid · Squid · CVE-2020-8517
**Name of the Vulnerable Software and Affected Versions**

Squid versions prior to 4.10

**Description**

The issue exists due to insufficient input validation in `ext_lm_group_acl`, specifically in the NTLM authentication credentials parser. This can allow a remote attacker to terminate the Squid process, resulting in a denial of service for all clients using the proxy. The vulnerability occurs when the parser writes to memory outside the credentials buffer, which can cause the helper process to terminate unexpectedly on systems with memory access protections.

**Recommendations**

For Squid versions prior to 4.10, update to version 4.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the `ext_lm_group_acl` module to minimize the risk of exploitation.