Hydra – Stack Buffer Overflow in NTLM Authentication Handler

8.6 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules when processing malicious NTLM Type-2 challenges. A malicious server can send a crafted NTLM Type-2 challenge with an excessively long domain string, causing base64-encoded response data to overflow a 500-byte stack buffer by 18 to 330 bytes, enabling remote code execution on systems without stack protection.

AI Analysis

Stack buffer overflow in NTLM authentication handler, enabling remote code execution

Basic Information

ID CVE-2026-56766

Source VulnCheck

Published Jun 25, 2026 at 18:01

Affected Product

Vendor vanhauser-thc

Product thc-hydra

Affected Versions vanhauser-thc thc-hydra 0

CWE Classification

CWE-121

AI Assessment

AI Score 8.6 / 10

AI Severity High

Vendor vanhauser-thc

Product thc-hydra

Version through 9.7

References

{
    "lastseen": "",
    "description": "Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules when processing malicious NTLM Type-2 challenges. A malicious server can send a crafted NTLM Type-2 challenge with an excessively long domain string, causing base64-encoded response data to overflow a 500-byte stack buffer by 18 to 330 bytes, enabling remote code execution on systems without stack protection.",
    "published": "2026-06-25T18:01:07.362Z",
    "modified": "2026-06-25T18:01:07.362Z",
    "type": "cve",
    "title": "Hydra - Stack Buffer Overflow in NTLM Authentication Handler",
    "source": "VulnCheck",
    "references": "https://github.com/vanhauser-thc/thc-hydra/commit/9cc84c20e75f5fef6bb1790bb9ada2afad2204e2\nhttps://www.vulncheck.com/advisories/hydra-stack-buffer-overflow-in-ntlm-authentication-handler",
    "id": "CVE-2026-56766",
    "bulletinFamily": "",
    "cwe": [
        "CWE-121"
    ],
    "cvelist": null,
    "sourceData": "vanhauser-thc thc-hydra 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.6,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "thc-hydra",
    "version": "0",
    "vendor": "vanhauser-thc",
    "ai_description": "Stack buffer overflow in NTLM authentication handler, enabling remote code execution",
    "ai_severity": "High",
    "ai_vendor": "vanhauser-thc",
    "ai_product": "thc-hydra",
    "ai_version": "through 9.7",
    "ai_score": 8.6
}

Hydra – Stack Buffer Overflow in NTLM Authentication Handler_CVE-2026-56766