Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and previous versions, allows remote malicious users to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
stellar-x software msntauth |