27 matches found
Azure Linux 3.0 Security Update: gssntlmssp (CVE-2023-25566)
The version of gssntlmssp installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-25566 advisory. - GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to...
Azure Linux 3.0 Security Update: gssntlmssp (CVE-2023-25563)
The version of gssntlmssp installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-25563 advisory. - GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to...
Azure Linux 3.0 Security Update: gssntlmssp (CVE-2023-25565)
The version of gssntlmssp installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-25565 advisory. - GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to...
Azure Linux 3.0 Security Update: gssntlmssp (CVE-2023-25567)
The version of gssntlmssp installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-25567 advisory. - GSS-NTLMSSP, a mechglue plugin for the GSSAPI library that implements NTLM authentication, has an out-of...
Azure Linux 3.0 Security Update: gssntlmssp (CVE-2023-25564)
The version of gssntlmssp installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-25564 advisory. - GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to...
MiracleLinux 8 : gssntlmssp-1.2.0-1.el8.ML.1 (AXSA:2023-6149:01)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6149:01 advisory. gssntlmssp: multiple out-of-bounds read when decoding NTLM fields CVE-2023-25563 gssntlmssp: memory corruption when decoding UTF16 strings...
CVE-2023-25565 affecting package gssntlmssp for versions less than 1.3.1-1
CVE-2023-25565 affecting package gssntlmssp for versions less than 1.3.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-25563 affecting package gssntlmssp for versions less than 1.3.1-1
CVE-2023-25563 affecting package gssntlmssp for versions less than 1.3.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-25564 affecting package gssntlmssp for versions less than 1.3.1-1
CVE-2023-25564 affecting package gssntlmssp for versions less than 1.3.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-25566 affecting package gssntlmssp for versions less than 1.3.1-1
CVE-2023-25566 affecting package gssntlmssp for versions less than 1.3.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2023-25567 affecting package gssntlmssp for versions less than 1.3.1-1
CVE-2023-25567 affecting package gssntlmssp for versions less than 1.3.1-1. An upgraded version of the package is available that resolves this issue...
RHSA-2023:3097 Red Hat Security Advisory: gssntlmssp security update
Bulletin has no description...
OPENSUSE-SU-2024:12701-1 gssntlmssp-1.2.0-1.1 on GA media
These are all security issues fixed in the gssntlmssp-1.2.0-1.1 package on the GA media of openSUSE Tumbleweed...
openSUSE: Security Advisory for gssntlmssp (openSUSE-SU-2023:0048-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
gssntlmssp security update
1.2.0-1 - New release 1.2.0 - Fix CVE-2023-25563: multiple out-of-bounds read when decoding NTLM fields - Fix CVE-2023-25564: memory corruption when decoding UTF16 strings - Fix CVE-2023-25565: incorrect free when decoding target information - Fix CVE-2023-25566: memory leak when parsing username...
gssntlmssp: incorrect free when decoding target information
A flaw was found in GSS-NTLMSSP, a mechglue plugin for the GSSAPI library that implements NTLM authentication. An incorrect free when decoding target information can trigger a denial of service. The error condition incorrectly assumes the cb and sh buffers contain a copy of the data that needs to...
Moderate: Red Hat Security Advisory: gssntlmssp security update
An update for gssntlmssp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
ALSA-2023:3097 Moderate: gssntlmssp security update
The gssntlmssp is a GSSAPI NTLM mechanism that allows to perform NTLM authentication in GSSAPI programs. Security Fixes: gssntlmssp: multiple out-of-bounds read when decoding NTLM fields CVE-2023-25563 gssntlmssp: memory corruption when decoding UTF16 strings CVE-2023-25564 gssntlmssp: incorrect...
RHEL 8 : gssntlmssp (RHSA-2023:3097)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3097 advisory. The gssntlmssp is a GSSAPI NTLM mechanism that allows to perform NTLM authentication in GSSAPI programs. Security Fixes: gssntlmssp: multipl...
Mageia: Security Advisory (MGASA-2023-0108)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...