The Negotiate Security Software Provider (SSP) interface...
High severity
Unreviewed
Published
Apr 29, 2022
to the GitHub Advisory Database
•
Updated Feb 16, 2024
Description
Published by the National Vulnerability Database
Jun 1, 2004
Published to the GitHub Advisory Database
Apr 29, 2022
Last updated
Feb 16, 2024
The Negotiate Security Software Provider (SSP) interface in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service (crash from null dereference) or execute arbitrary code via a crafted SPNEGO NegTokenInit request during authentication protocol selection.
References