This is an exploit for Squid's NTLM authenticate overflow (libntlmssp.c). Due to improper bounds checking in ntlm_check_auth, it is possible to overflow the 'pass' variable on the stack with user controlled data of a user defined length.
c43f943216a1703933afd0ce0708c0542f099b2ad7ed5a159c445291d16c2bc5