← Back

Libntlm

libntlm

Vendor: Nongnu • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-17455
5Canonical
DebianFedoraproject+2 more
6Backports Sle
Debian LinuxFedora+3 more
Nov 21, 2024
Oct 10, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthR...Show more
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.Show less