Test ID:	1.3.6.1.4.1.25623.1.1.10.2023.0108
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2023-0108)
Summary:	The remote host is missing an update for the 'gssntlmssp' package(s) announced via the MGASA-2023-0108 advisory.
Description:	Summary: The remote host is missing an update for the 'gssntlmssp' package(s) announced via the MGASA-2023-0108 advisory. Vulnerability Insight: Multiple out-of-bounds read when decoding NTLM fields. (CVE-2023-25563) Memory corruption when decoding UTF16 strings. (CVE-2023-25564) Incorrect free when decoding target information. (CVE-2023-25565) Memory leak when parsing usernames. (CVE-2023-25566) Out-of-bounds read when decoding target information. (CVE-2023-25567) Affected Software/OS: 'gssntlmssp' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 8.5 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2023-25563 https://github.com/gssapi/gss-ntlmssp/commit/97c62c6167299028d80765080e74d91dfc99efbd https://github.com/gssapi/gss-ntlmssp/releases/tag/v1.2.0 https://github.com/gssapi/gss-ntlmssp/security/advisories/GHSA-jjjx-5qf7-9mgf Common Vulnerability Exposure (CVE) ID: CVE-2023-25564 https://github.com/gssapi/gss-ntlmssp/commit/c753000eb31835c0664e528fbc99378ae0cbe950 https://github.com/gssapi/gss-ntlmssp/security/advisories/GHSA-r85x-q5px-9xfq Common Vulnerability Exposure (CVE) ID: CVE-2023-25565 https://github.com/gssapi/gss-ntlmssp/commit/c16100f60907a2de92bcb676f303b81facee0f64 https://github.com/gssapi/gss-ntlmssp/security/advisories/GHSA-7q7f-wqcg-mvfg Common Vulnerability Exposure (CVE) ID: CVE-2023-25566 https://github.com/gssapi/gss-ntlmssp/commit/8660fb16474054e692a596e9c79670cd4d3954f4 https://github.com/gssapi/gss-ntlmssp/security/advisories/GHSA-mfm4-6g58-jw74 Common Vulnerability Exposure (CVE) ID: CVE-2023-25567 https://github.com/gssapi/gss-ntlmssp/commit/025fbb756d44ffee8f847db4222ed6aa4bd1fbe4 https://github.com/gssapi/gss-ntlmssp/security/advisories/GHSA-24pf-6prf-24ch
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.