gss-ntlmssp is vulnerable to Denial Of Service (DoS). The vulnerability exists because of a memory leak when parsing usernames to the domain portion of a username, which overrides the allocated memory area of the size of the domain name via the main gss_accept_sec_context
entry point, leading to an application crash.