Linux Distros Unpatched Vulnerability : CVE-2019-17455

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as...

Ubuntu 16.04 ESM : Libntlm vulnerability (USN-5108-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5108-2 advisory. USN-5108-1 fixed a vulnerability in Libntlm. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has extracted the...

SUSE CVE-2019-17455

Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request...

CVE-2019-17455 affecting package libntlm for versions less than 1.6-1

CVE-2019-17455 affecting package libntlm for versions less than 1.6-1. An upgraded version of the package is available that resolves this issue...

scoreware.de Improper Access Control vulnerability OBB-2396011

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

[SECURITY] [DLA 2831-1] libntlm security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2831-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk November 28, 2021 https://wiki.debian.org/LTS -...

Ubuntu: Security Advisory (USN-5108-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 18.04 LTS / 20.04 LTS : libntlm vulnerability (USN-5108-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5108-1 advisory. It was discovered that Libntlm incorrectly handled specially crafted NTML requests. An attacker could possibly use this issue to cause a denial of...

Fedora: Security Advisory for libntlm (FEDORA-2020-1f643c272c)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : libntlm (openSUSE-2020-806)

This update for libntlm fixes the following issues : Update to release 1.6 : - CVE-2019-17455: Fixed a buffer overflow in buildSmbNtlmAuth function. boo1153669 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

OPENSUSE-SU-2020:0806-1 Security update for libntlm

This update for libntlm fixes the following issues: Update to release 1.6: CVE-2019-17455: Fixed a buffer overflow in buildSmbNtlmAuth function. boo1153669...

Updated libntlm packages fix security vulnerability

Updated libntlm packages fix security vulnerability: It was discovered that libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in...

MGASA-2020-0219 Updated libntlm packages fix security vulnerability

Updated libntlm packages fix security vulnerability: It was discovered that libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in...

[SECURITY] [DLA 2207-1] libntlm security update

Package : libntlm Version : 1.4-3+deb8u1 CVE ID : CVE-2019-17455 It was discovered that libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in...

CVE-2019-17455

A flaw was found in the libntlm NTLM library where it was vulnerable to a buffer overflow in the buildSmbNtlmAuthRequestuserlen function. If an application using this library does not check input length before calling the function, an attacker could use this flaw to send a specially crafted reque...

DEBIAN-CVE-2019-17455

Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request...

CVE-2019-17455

CVE-2019-17455 affects libntlm up to version 1.5, due to a fixed buffer size in tSmbNtlmAuthRequest/Challenge/Response that enables a stack-based over-read in buildSmbNtlmAuthRequest (NTLM crafted requests). Upstream fixes exist; Debian/Mageia/Fedora advisories show later packages patching this, ...