PT-2023-20164 · Unknown+3 · Gss-Ntlmssp+3

Philipturnbull · Published 2023-02-12 · Updated 2023-05-16 · CVE-2023-25566

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

GSS-NTLMSSP versions prior to 1.2.0

Description

GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. A memory leak can be triggered when parsing usernames, potentially causing a denial-of-service. The domain portion of a username may be overridden, causing an allocated memory area the size of the domain name to be leaked. An attacker can leak memory via the main gss_accept_sec_context entry point.

Recommendations

For versions prior to 1.2.0, update to version 1.2.0 to resolve the issue. As a temporary workaround, consider restricting the use of the gss_accept_sec_context entry point to minimize the risk of exploitation.

DoS

Memory Leak

Weakness Enumeration

Related Identifiers

ALSA-2023:3097
AZL-43471
AZL-44997
BDU:2025-12445
CESA-2023_3097
CVE-2023-25566
GHSA-MFM4-6G58-JW74
MGASA-2023-0108
OPENSUSE-SU-2023:0048-1
OPENSUSE-SU-2024:12701-1
RHSA-2023:3097
RHSA-2023_3097

Affected Products

Almalinux
Centos
Gss-Ntlmssp
Red Hat