What is CVE-2004-0541?

CVE-2004-0541 is a vulnerability in N/a. Published 2004-06-10.

Is CVE-2004-0541 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2004-0541

Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass" variable…

EPSS: 0.770 (99.0th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

oval:org.mitre.oval:def:10722 (signature, x_refsource_OVAL, vdb-entry)
RHSA-2004:242 (x_refsource_REDHAT, vendor-advisory)
GLSA-200406-13 (vendor-advisory, x_refsource_GENTOO)
MDKSA-2004:059 (vendor-advisory, x_refsource_MANDRAKE)
FLSA-2006:152809 (vendor-advisory, x_refsource_FEDORA)
www.idefense.com/application/poi/display (x_refsource_MISC)
squid-ntlm-bo(16360) (vdb-entry, x_refsource_XF)
10500 (vdb-entry, x_refsource_BID)
2004-0033 (vendor-advisory, x_refsource_TRUSTIX)
oval:org.mitre.oval:def:980 (signature, x_refsource_OVAL, vdb-entry)

Frequently asked questions

What is CVE-2004-0541?: CVE-2004-0541 is a vulnerability in N/a. Published 2004-06-10.
Is CVE-2004-0541 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.