1. Home
  2. CVE Database
  3. CVE-2023-25564
MEDIUM · 6.5

CVE-2023-25564

GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, memory corruption can be triggered when decoding UTF16 strings. The variable `outle...

Vulnerability Description

GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, memory corruption can be triggered when decoding UTF16 strings. The variable `outlen` was not initialized and could cause writing a zero to an arbitrary place in memory if `ntlm_str_convert()` were to fail, which would leave `outlen` uninitialized. This can lead to a denial of service if the write hits unmapped memory or randomly corrupts a byte in the application memory space. This vulnerability can trigger an out-of-bounds write, leading to memory corruption. This vulnerability can be triggered via the main `gss_accept_sec_context` entry point. This issue is fixed in version 1.2.0.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
LOW
Availability
HIGH

Affected Products

VendorProductVersions
Gss-Ntlmssp ProjectGss-Ntlmssp< 1.2.0

Related Weaknesses (CWE)

CWE-787

References

FAQ

What is CVE-2023-25564?

CVE-2023-25564 is a vulnerability with a CVSS score of 6.5 (MEDIUM). GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, memory corruption can be triggered when decoding UTF16 strings. The variable `outle...

How severe is CVE-2023-25564?

CVE-2023-25564 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-25564?

Check the references section above for vendor advisories and patch information. Affected products include: Gss-Ntlmssp Project Gss-Ntlmssp.