Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cyrus sasl 1.5.28 vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv2
CVE-2013-4122
Cyrus SASL 2.1.23, 2.1.26, and previous versions does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote malicious users to cause a denial of service (thread crash and consumption) via ...
Cmu Cyrus-sasl 2.1.22Cmu Cyrus-sasl 2.1.21Cmu Cyrus-sasl 2.1.24Cmu Cyrus-sasl 2.1.25Cmu Cyrus-sasl 1.5.28Cmu Cyrus-sasl 2.1.20Cmu Cyrus-sasl 2.1.19Cmu Cyrus-saslCmu Cyrus-sasl 2.1.23
7.2
CVSSv2
CVE-2004-0884
The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and previous versions trust the SASL_PATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary code by modifying the SASL_PATH to point to malicious programs.
Cyrus Sasl 2.1.10Cyrus Sasl 2.1.11Cyrus Sasl 2.1.18Cyrus Sasl 2.1.18 R1Cyrus Sasl 2.1.9Cyrus Sasl 2.1.12Cyrus Sasl 2.1.13Conectiva Linux 10.0Conectiva Linux 9.0Cyrus Sasl 1.5.24Cyrus Sasl 2.1.14Cyrus Sasl 2.1.15Cyrus Sasl 1.5.27Cyrus Sasl 1.5.28Cyrus Sasl 2.1.16Cyrus Sasl 2.1.17
7.5
CVSSv2
CVE-2009-0688
Multiple buffer overflows in the CMU Cyrus SASL library prior to 2.1.23 might allow remote malicious users to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c.
Carnegie Mellon University Cyrus-sasl 2.1.19Carnegie Mellon University Cyrus-saslCarnegie Mellon University Cyrus-sasl 1.5.24Carnegie Mellon University Cyrus-sasl 1.5.15Carnegie Mellon University Cyrus-sasl 1.5.16Carnegie Mellon University Cyrus-sasl 1.5.27Carnegie Mellon University Cyrus-sasl 1.5.3Carnegie Mellon University Cyrus-sasl 2.0.5Carnegie Mellon University Cyrus-sasl 2.1.0Carnegie Mellon University Cyrus-sasl 2.1.1Carnegie Mellon University Cyrus-sasl 2.1.16Carnegie Mellon University Cyrus-sasl 2.1.21Carnegie Mellon University Cyrus-sasl 2.1.20Carnegie Mellon University Cyrus-sasl 1.5.11Carnegie Mellon University Cyrus-sasl 1.5.13Carnegie Mellon University Cyrus-sasl 1.5.23Carnegie Mellon University Cyrus-sasl 1.5.26Carnegie Mellon University Cyrus-sasl 2.0.3Carnegie Mellon University Cyrus-sasl 2.0.4Carnegie Mellon University Cyrus-sasl 2.1.14Carnegie Mellon University Cyrus-sasl 2.1.15Carnegie Mellon University Cyrus-sasl 2.1.6
7.5
CVSSv2
CVE-2005-0373
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote malicious users to execute arbitrary code.
Cyrus Sasl 1.5.24Cyrus Sasl 1.5.27Cyrus Sasl 1.5.28Cyrus Sasl 2.1.16Cyrus Sasl 2.1.17Conectiva Linux 9.0Cyrus Sasl 2.1.12Cyrus Sasl 2.1.13Cyrus Sasl 2.1.9Openpkg Openpkg 2.1Openpkg Openpkg 2.2Cyrus Sasl 2.1.10Cyrus Sasl 2.1.11Cyrus Sasl 2.1.18Cyrus Sasl 2.1.18 R1Cyrus Sasl 2.1.14Cyrus Sasl 2.1.15Suse Suse Cvsup 16.1h 36.i586Conectiva Linux 10.0Apple Mac Os X 10.1.1Apple Mac Os X 10.1.2Apple Mac Os X 10.2.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook