CVE-2019-17455 — Out-of-bounds Read in Libntlm
Severity
9.8CRITICALNVD
EPSS
7.1%
top 8.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 10
Latest updateMay 24
Description
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages4 packages
Also affects: Debian Linux 8.0, 9.0, Fedora 32, 33, Ubuntu Linux 14.04, 16.04, 18.04, 20.04
🔴Vulnerability Details
3📋Vendor Advisories
5Microsoft▶
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest tSmbNtlmAuthChallenge and tSmbNtlmAuthResponse read and write operations as demonstrated by a stack-based buffer over-read in ↗2019-10-08
Debian▶
CVE-2019-17455: libntlm - Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbN...↗2019
💬Community
4Bugzilla▶
CVE-2019-17455 libntlm: stack-based buffer overflow in buildSmbNtlmAuthRequest in smbutil.c↗2019-11-04
Bugzilla▶
CVE-2019-17455 libntlm: stack-based buffer overflow in buildSmbNtlmAuthRequest in smbutil.c [epel-7]↗2019-11-04
Bugzilla▶
CVE-2019-17455 libntlm: stack-based buffer overflow in buildSmbNtlmAuthRequest in smbutil.c [fedora-all]↗2019-11-04
Bugzilla
▶