Multiple vulnerabilities in Gss-ntlmssp
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2023-25567 CVE-2023-25566 CVE-2023-25565 CVE-2023-25564 CVE-2023-25563 |
| CWE-ID | CWE-125 CWE-401 CWE-763 CWE-787 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
Gss-ntlmssp Other |
| Vendor | modauthgssapi |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Out-of-bounds read
EUVDB-ID: #VU76197
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-25567
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
Install updates from vendor's website.
Vulnerable software versionsGss-ntlmssp: 0.1.0 - 1.1.0
CPE2.3- cpe:2.3::modauthgssapi:gss-ntlmssp:0.1.0:*:*:*:*:*:*:*
- cpe:2.3::modauthgssapi:gss-ntlmssp:0.2.0:*:*:*:*:*:*:*
- cpe:2.3::modauthgssapi:gss-ntlmssp:0.3.0:*:*:*:*:*:*:*
https://github.com/gssapi/gss-ntlmssp/security/advisories/GHSA-24pf-6prf-24ch
https://github.com/gssapi/gss-ntlmssp/releases/tag/v1.2.0
https://github.com/gssapi/gss-ntlmssp/commit/025fbb756d44ffee8f847db4222ed6aa4bd1fbe4
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Memory leak
EUVDB-ID: #VU76196
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-25566
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform DoS attack on the target system.
The vulnerability exists due memory leak when parsing usernames. A remote attacker can force the application to leak memory and perform denial of service attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGss-ntlmssp: 0.1.0 - 1.1.0
CPE2.3- cpe:2.3::modauthgssapi:gss-ntlmssp:0.1.0:*:*:*:*:*:*:*
- cpe:2.3::modauthgssapi:gss-ntlmssp:0.2.0:*:*:*:*:*:*:*
- cpe:2.3::modauthgssapi:gss-ntlmssp:0.3.0:*:*:*:*:*:*:*
https://github.com/gssapi/gss-ntlmssp/security/advisories/GHSA-mfm4-6g58-jw74
https://github.com/gssapi/gss-ntlmssp/releases/tag/v1.2.0
https://github.com/gssapi/gss-ntlmssp/commit/8660fb16474054e692a596e9c79670cd4d3954f4
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Release of invalid pointer or reference
EUVDB-ID: #VU76195
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-25565
CWE-ID:
CWE-763 - Release of invalid pointer or reference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
Install updates from vendor's website.
Vulnerable software versionsGss-ntlmssp: 0.1.0 - 1.1.0
CPE2.3- cpe:2.3::modauthgssapi:gss-ntlmssp:0.1.0:*:*:*:*:*:*:*
- cpe:2.3::modauthgssapi:gss-ntlmssp:0.2.0:*:*:*:*:*:*:*
- cpe:2.3::modauthgssapi:gss-ntlmssp:0.3.0:*:*:*:*:*:*:*
https://github.com/gssapi/gss-ntlmssp/releases/tag/v1.2.0
https://github.com/gssapi/gss-ntlmssp/commit/c16100f60907a2de92bcb676f303b81facee0f64
https://github.com/gssapi/gss-ntlmssp/security/advisories/GHSA-7q7f-wqcg-mvfg
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Out-of-bounds write
EUVDB-ID: #VU76194
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-25564
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary in the ntlm_str_convert() function error when decoding UTF16 strings. A remote attacker can send specially crafted NTLM request to the application, trigger an out-of-bounds write error and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGss-ntlmssp: 0.1.0 - 1.1.0
CPE2.3- cpe:2.3::modauthgssapi:gss-ntlmssp:0.1.0:*:*:*:*:*:*:*
- cpe:2.3::modauthgssapi:gss-ntlmssp:0.2.0:*:*:*:*:*:*:*
- cpe:2.3::modauthgssapi:gss-ntlmssp:0.3.0:*:*:*:*:*:*:*
https://github.com/gssapi/gss-ntlmssp/commit/c753000eb31835c0664e528fbc99378ae0cbe950
https://github.com/gssapi/gss-ntlmssp/releases/tag/v1.2.0
https://github.com/gssapi/gss-ntlmssp/security/advisories/GHSA-r85x-q5px-9xfq
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Out-of-bounds read
EUVDB-ID: #VU76193
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-25563
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition when decoding NTLM fields. A remote attacker can send specially crafted NTLM request to the application, trigger an out-of-bounds read error and perform a denial of service (DoS) attack.
Install updates from vendor's website.
Vulnerable software versionsGss-ntlmssp: 0.1.0 - 1.1.0
CPE2.3- cpe:2.3::modauthgssapi:gss-ntlmssp:0.1.0:*:*:*:*:*:*:*
- cpe:2.3::modauthgssapi:gss-ntlmssp:0.2.0:*:*:*:*:*:*:*
- cpe:2.3::modauthgssapi:gss-ntlmssp:0.3.0:*:*:*:*:*:*:*
https://github.com/gssapi/gss-ntlmssp/commit/97c62c6167299028d80765080e74d91dfc99efbd
https://github.com/gssapi/gss-ntlmssp/releases/tag/v1.2.0
https://github.com/gssapi/gss-ntlmssp/security/advisories/GHSA-jjjx-5qf7-9mgf
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
