Lucene search
+L

11 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.7 views

Azure Linux 3.0 Security Update: gssntlmssp (CVE-2023-25563)

The version of gssntlmssp installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-25563 advisory. - GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to...

7.5CVSS6AI score0.01091EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/05/15 9:13 p.m.7 views

CVE-2023-25563 affecting package gssntlmssp for versions less than 1.3.1-1

CVE-2023-25563 affecting package gssntlmssp for versions less than 1.3.1-1. An upgraded version of the package is available that resolves this issue...

7.5CVSS6.9AI score0.01091EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.15 views

openSUSE: Security Advisory for gssntlmssp (openSUSE-SU-2023:0048-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS6.8AI score0.01942EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2023/05/24 12:0 a.m.13 views

gssntlmssp security update

1.2.0-1 - New release 1.2.0 - Fix CVE-2023-25563: multiple out-of-bounds read when decoding NTLM fields - Fix CVE-2023-25564: memory corruption when decoding UTF16 strings - Fix CVE-2023-25565: incorrect free when decoding target information - Fix CVE-2023-25566: memory leak when parsing username...

8.2CVSS7.3AI score0.01942EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/05/24 12:0 a.m.30 views

Oracle Linux 8 : gssntlmssp (ELSA-2023-3097)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-3097 advisory. - Fix CVE-2023-25563: multiple out-of-bounds read when decoding NTLM fields - Fix CVE-2023-25564: memory corruption when decoding UTF16 strings - Fix...

8.2CVSS7.7AI score0.01942EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/05/19 12:0 a.m.26 views

AlmaLinux 8 : gssntlmssp (ALSA-2023:3097)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:3097 advisory. - GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, multiple out-of-bounds reads when...

8.2CVSS8AI score0.01942EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/05/16 10:7 a.m.17 views

Moderate: Red Hat Security Advisory: gssntlmssp security update

An update for gssntlmssp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8.2CVSS7.2AI score0.01942EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2023/02/23 12:0 a.m.9 views

Fedora: Security Advisory for gssntlmssp (FEDORA-2023-cb63c0f615)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.2CVSS7.7AI score0.01942EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/02/22 12:0 a.m.25 views

Fedora 37 : gssntlmssp (2023-cb63c0f615)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-cb63c0f615 advisory. Patched several CVEs reported by GitHub Security Lab CVE-2023-25563 CVE-2023-25564 CVE-2023-25565 CVE-2023-25566 CVE-2023-25567 Tenable has extracte...

8.2CVSS7.6AI score0.01942EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/02/19 12:0 a.m.16 views

openSUSE 15 Security Update : gssntlmssp (openSUSE-SU-2023:0048-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0048-1 advisory. - GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, multiple out-of-bounds rea...

8.2CVSS8AI score0.01942EPSS
Exploits0References16
CVE
CVE
added 2023/02/14 5:35 p.m.84 views

CVE-2023-25563

CVE-2023-25563 affects the GSS-NTLMSSP mechglue for the GSSAPI library. The vulnerability arises from multiple out-of-bounds reads when decoding NTLM fields and a 32-bit integer overflow that can cause improper length checks of internal buffers. If an application accepts NTLM tokens longer than 4...

7.5CVSS6.6AI score0.01091EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder