VYPR

libntlm

by libntlm

CVEs (1)

  • CVE-2019-17455CriOct 10, 2019
    risk 0.64cvss 9.8epss 0.03

    Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.