PT-2006-1048 · Cyrus+2 · Cyrus Sasl Library+2

Publicado

2006-04-11

Atualizado

2018-10-18

CVE-2006-1721

CVSS v2.0

2.6

Baixa

Vetor

AV:N/AC:H/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: Cyrus SASL library versions prior to 2.1.21 Gentoo Linux cyrus-sasl package versions prior to 2.1.21-r2

Description: The issue allows remote unauthenticated attackers to cause a denial of service, potentially leading to disruption of protected information. This can be achieved through malformed inputs in DIGEST-MD5 negotiation, resulting in a segmentation fault.

Recommendations: For Cyrus SASL library versions prior to 2.1.21, update to version 2.1.21 or later to resolve the issue. For Gentoo Linux cyrus-sasl package versions prior to 2.1.21-r2, update to version 2.1.21-r2 or later to resolve the issue.

Correção

DoS

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

BDU:2015-09503

CVE-2006-1721

DSA-1042-1

RHSA-2007:0795

RHSA-2007:0878

RHSA-2007_0795

Produtos afetados

Cyrus Sasl Library

Gentoo Linux

Red Hat

PT-2006-1048 · Cyrus+2 · Cyrus Sasl Library+2

CVE-2006-1721

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 42