What Are You Looking For?

Sign Up

Package        : libntlm
Version        : 1.4-3+deb8u1
CVE ID         : CVE-2019-17455


It was discovered that libntlm through 1.5 relies on a fixed buffer
size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and
tSmbNtlmAuthResponse
read and write operations, as demonstrated by a stack-based buffer
over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM
request.

For Debian 8 "Jessie", this problem has been fixed in version
1.4-3+deb8u1.

We recommend that you upgrade your libntlm packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Debian LTS: DLA-2207-1: libntlm security update

May 10, 2020
It was discovered that libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse

Summary

For Debian 8 "Jessie", this problem has been fixed in version
1.4-3+deb8u1.

We recommend that you upgrade your libntlm packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



Severity
Package : libntlm
Version : 1.4-3+deb8u1
CVE ID : CVE-2019-17455

Related News

CVE-2023-4911: Looney Tunables – Local Privilege Escalation in the glibc’s ld.so

Oct 19, 2023

P2PInfect Botnet Activity Surges 600x with Stealthier Malware Variants

Sep 22, 2023

Mitigations for Critical c-ares DoS, Code Execution Bug Released

Sep 29, 2023

High-Severity ntfs-3g Buffer Overflow Vulns Fixed

Jun 1, 2023

News

Advisories

HOWTOs

Features

A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap
CISA Issues Urgent Warning Over Active Exploitation of Looney Tunables glibc Bug
Cyber Law in the Realm of Open-Source Software Security

About Us

Powered By

Footer Logo