Published: 07/10/2004 Updated: 11/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote malicious users to execute arbitrary code.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cyrus sasl 1.5.24
cyrus sasl 1.5.27
cyrus sasl 1.5.28
cyrus sasl 2.1.16
cyrus sasl 2.1.17
conectiva linux 9.0
cyrus sasl 2.1.12
cyrus sasl 2.1.13
cyrus sasl 2.1.9
openpkg openpkg 2.1
openpkg openpkg 2.2
cyrus sasl 2.1.10
cyrus sasl 2.1.11
cyrus sasl 2.1.18
cyrus sasl 2.1.18_r1
cyrus sasl 2.1.14
cyrus sasl 2.1.15
suse suse cvsup 16.1h_36.i586
conectiva linux 10.0
apple mac os x 10.1.1
apple mac os x 10.1.2
apple mac os x 10.2.3
apple mac os x 10.2.4
apple mac os x 10.3.3
apple mac os x 10.3.4
apple mac os x server 10.1.1
apple mac os x server 10.1.2
apple mac os x server 10.2.3
apple mac os x server 10.2.4
apple mac os x server 10.2.5
apple mac os x server 10.3.3
apple mac os x server 10.3.4
suse suse linux 8.0
suse suse linux 9.1
suse suse linux 9.2
apple mac os x 10.0.2
apple mac os x 10.0.3
apple mac os x 10.1.5
apple mac os x 10.2
apple mac os x 10.2.8
apple mac os x 10.3
apple mac os x 10.3.7
apple mac os x 10.3.8
apple mac os x server 10.1.5
apple mac os x server 10.2
apple mac os x server 10.2.8
apple mac os x server 10.3
apple mac os x server 10.3.7
apple mac os x server 10.3.8
suse suse linux 9.0
apple mac os x 10.0
apple mac os x 10.0.1
apple mac os x 10.1.3
apple mac os x 10.1.4
apple mac os x 10.2.5
apple mac os x 10.2.6
apple mac os x 10.2.7
apple mac os x 10.3.5
apple mac os x 10.3.6
apple mac os x server 10.1.3
apple mac os x server 10.1.4
apple mac os x server 10.2.6
apple mac os x server 10.2.7
apple mac os x server 10.3.5
apple mac os x server 10.3.6
suse suse linux 8.1
suse suse linux 8.2
apple mac os x 10.0.4
apple mac os x 10.1
apple mac os x 10.2.1
apple mac os x 10.2.2
apple mac os x 10.3.1
apple mac os x 10.3.2
apple mac os x server 10.0
apple mac os x server 10.1
apple mac os x server 10.2.1
apple mac os x server 10.2.2
apple mac os x server 10.3.1
apple mac os x server 10.3.2
redhat fedora core core_1.0
suse suse linux 1.0

NVD-CWE-Other https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171&content-type=text/x-cvsweb-markup https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170&r2=1.171 http://www.monkey.org/openbsd/archive/ports/0407/msg00265.html http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml http://www.linuxcompatible.org/print42495.html http://www.securityfocus.com/bid/11347 http://www.mandriva.com/security/advisories?name=MDKSA-2005:054 https://exchange.xforce.ibmcloud.com/vulnerabilities/17642 https://nvd.nist.gov

Get Started

CVE-2005-0373

Vulnerability Summary

References

Vulmon Search

About

Products

Connect