CVE-2006-6982

Name of the Vulnerable Software and Affected Versions 3proxy versions 0.5 through 0.5.2

Description The issue arises because 3proxy does not prioritize NTLM authentication over basic authentication, which can lead to browsers using basic cleartext authentication even when NTLM is available. This makes it easier for attackers to steal credentials, particularly affecting browsers with incomplete support for RFC2616 and RFC2617.

Recommendations For versions 0.5 through 0.5.2, consider configuring the server to prioritize NTLM authentication, if possible, to mitigate the risk of credential theft. However, the exact configuration steps are not provided, so it is essential to consult the official documentation for guidance on authentication settings. At the moment, there is no information about a newer version that contains a fix for this vulnerability.