Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.8 views

Azure Linux 3.0 Security Update: gssntlmssp (CVE-2023-25565)

The version of gssntlmssp installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-25565 advisory. - GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to...

7.5CVSS5.7AI score0.01103EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/05/15 9:13 p.m.8 views

CVE-2023-25565 affecting package gssntlmssp for versions less than 1.3.1-1

CVE-2023-25565 affecting package gssntlmssp for versions less than 1.3.1-1. An upgraded version of the package is available that resolves this issue...

7.5CVSS6.9AI score0.01103EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-25565

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, an incorrect free when decoding target...

7.5CVSS7.2AI score0.01103EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.15 views

openSUSE: Security Advisory for gssntlmssp (openSUSE-SU-2023:0048-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS6.8AI score0.01942EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2023/05/24 12:0 a.m.13 views

gssntlmssp security update

1.2.0-1 - New release 1.2.0 - Fix CVE-2023-25563: multiple out-of-bounds read when decoding NTLM fields - Fix CVE-2023-25564: memory corruption when decoding UTF16 strings - Fix CVE-2023-25565: incorrect free when decoding target information - Fix CVE-2023-25566: memory leak when parsing username...

8.2CVSS7.3AI score0.01942EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/05/24 12:0 a.m.30 views

Oracle Linux 8 : gssntlmssp (ELSA-2023-3097)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-3097 advisory. - Fix CVE-2023-25563: multiple out-of-bounds read when decoding NTLM fields - Fix CVE-2023-25564: memory corruption when decoding UTF16 strings - Fix...

8.2CVSS7.7AI score0.01942EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/05/19 12:0 a.m.26 views

AlmaLinux 8 : gssntlmssp (ALSA-2023:3097)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:3097 advisory. - GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, multiple out-of-bounds reads when...

8.2CVSS8AI score0.01942EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/05/16 10:7 a.m.16 views

Moderate: Red Hat Security Advisory: gssntlmssp security update

An update for gssntlmssp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8.2CVSS7.2AI score0.01942EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2023/02/23 12:0 a.m.9 views

Fedora: Security Advisory for gssntlmssp (FEDORA-2023-cb63c0f615)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.2CVSS7.7AI score0.01942EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/02/22 12:0 a.m.25 views

Fedora 37 : gssntlmssp (2023-cb63c0f615)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-cb63c0f615 advisory. Patched several CVEs reported by GitHub Security Lab CVE-2023-25563 CVE-2023-25564 CVE-2023-25565 CVE-2023-25566 CVE-2023-25567 Tenable has extracte...

8.2CVSS7.6AI score0.01942EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/02/19 12:0 a.m.16 views

openSUSE 15 Security Update : gssntlmssp (openSUSE-SU-2023:0048-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0048-1 advisory. - GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, multiple out-of-bounds rea...

8.2CVSS8AI score0.01942EPSS
Exploits0References16
Circl
Circl
added 2023/02/14 8:35 p.m.5 views

CVE-2023-25565

creationtimestamp| type| source ---|---|--- 2023-02-14 20:35:55+00:00| seen| https://t.me/cibsecurity/58131...

7.5CVSS7.2AI score0.01103EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/02/14 5:35 p.m.3 views

CVE-2023-25565 GSS-NTLMSSP vulnerable to incorrect free when decoding target information

GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, an incorrect free when decoding target information can trigger a denial of service. The error condition incorrectly assumes the cb and sh buffers contain a copy of the data that...

7.5CVSS7.6AI score0.01103EPSS
Exploits0References3
CVE
CVE
added 2023/02/14 5:35 p.m.70 views

CVE-2023-25565

The CVE-2023-25565 vulnerability affects the GSS-NTLMSSP component (NTLM mechglue for GSSAPI). Prior to version 1.2.0, an incorrect free during decoding of target information can trigger a denial-of-service by causing a false assumption that certain buffers contain data to free; exploitation is r...

7.5CVSS7.2AI score0.01103EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2023/02/14 5:35 p.m.20 views

CVE-2023-25565

GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, an incorrect free when decoding target information can trigger a denial of service. The error condition incorrectly assumes the cb and sh buffers contain a copy of the data that...

7.5CVSS7.3AI score0.01103EPSS
Exploits0
Rows per page
Query Builder