Impact
The vulnerability is an Improper Input Validation flaw (CWE‑839) in the _gsasl_ntlm_client_step function of GNU SASL. When the client processes a short NTLM challenge that a malicious server deliberately crafts, it fails to sanitize the input, causing the client to read and expose parts of its own memory. This results in disclosure of potentially sensitive data such as passwords or cryptographic material but does not give the attacker code execution or integrity bypass on the target system.
Affected Systems
GNU SASL versions older than 2.2.4 on any system that uses the NTLM client component are affected. Hosts that run unpatched clients and establish NTLM authentication sessions with an external server may be vulnerable.
Risk and Exploitability
The CVSS score of 3.7 indicates moderate severity, largely due to the limited scope of impact. EPSS is not available, and the vulnerability is not in the CISA KEV list. An attacker can exploit the flaw by controlling a server that the client connects to; no privilege escalation or additional host access is required on the client side. The attack requires network proximity to the client or the ability to become a trusted NTLM authentication partner.
OpenCVE Enrichment