Approved changes feed: RSS · Atom

cpe:2.3:a:nongnu:libntlm:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorNongnu (2a4ff73f-605f-5ecb-9f22-a9e82e6c3477)
ProductLibntlm (23a39935-339e-51a3-8037-2f7b994820cc)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:deb/debian/libntlm purl2cpe 2026-06-01 10:12:38.189432
pkg:deb/ubuntu/libntlm purl2cpe 2026-06-01 10:12:38.189435
pkg:github/gitgnu/gnu_libntlm purl2cpe 2026-06-01 10:12:38.189438
pkg:gnu/libntlm purl2cpe 2026-06-01 10:12:38.189441
pkg:rpm/fedora/libntlm purl2cpe 2026-06-01 10:12:38.189443
pkg:rpm/opensuse/libntlm purl2cpe 2026-06-01 10:12:38.189446

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2019-17455 vulnerable 2026-06-08 05:13:10.531812 Details available
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.
Published: 2019-10-10T17:17:48.000Z
Updated: 2024-08-05T01:40:15.921Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.