CVEs-PoC/2019/CVE-2019-17455.md at ce630fb5b2ef83e082535dd0dbbd9d5ffd3f700e

mirror of https://github.com/0xMarcio/cve.git synced 2026-03-17 18:56:12 +00:00

Files

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.

POC

Reference

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942145
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942145
https://gitlab.com/jas/libntlm/issues/2
https://gitlab.com/jas/libntlm/issues/2

Github

https://github.com/jas4711/libntlm

893 B Raw Blame History

CVE-2019-17455

Description

POC

Reference

Github

893 B

Raw Blame History