Some client program use NTLM authentication with user's permission without user request. It may leak to NTLM credentials and perform choosen challenge attack and comprometation of server's with client credentials by relaying NTLM request.
vulners.com/securityvulns/securityvulns:doc:4432
vulners.com/securityvulns/securityvulns:doc:4433
vulners.com/securityvulns/securityvulns:doc:679
vulners.com/securityvulns/securityvulns:doc:680
vulners.com/securityvulns/securityvulns:doc:684
vulners.com/securityvulns/securityvulns:doc:685