CVE-2019-19977

Опубликовано: 26 дек. 2019

Источник: debian

Описание

libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libesmtp	unfixed			package

Примечания

https://github.com/Kirin-say/Vulnerabilities/blob/master/Stack_Overflow_in_libesmtp.md
NTLM support not enabled in the Debian builds.

Связанные уязвимости

CVE-2019-19977

CVSS3: 9.8

ubuntu

около 6 лет назад

libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read.

CVE-2019-19977

CVSS3: 7.4

redhat

около 6 лет назад

libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read.

CVE-2019-19977

CVSS3: 9.8

nvd

около 6 лет назад

libESMTP through 1.0.6 mishandles domain copying into a fixed-size buffer in ntlm_build_type_2 in ntlm/ntlmstruct.c, as demonstrated by a stack-based buffer over-read.

CVE-2019-19977

CVSS3: 9.8

msrc

около 4 лет назад

Описание отсутствует

openSUSE-SU-2021:2937-1

suse-cvrf

больше 4 лет назад

Security update for libesmtp