CVE-2002-0916

描述

Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call.

受影響套件(1)

• Debian/squidfrom 0, < 2.4.7

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2002-0916