digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions prior to 2.1.21, allows remote unauthenticated malicious users to cause a denial of service (segmentation fault) via malformed inputs in DIGEST-MD5 negotiation.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cyrus sasl 2.1.18_r1 |
||
cyrus sasl 2.1.18_r2 |
||
cyrus sasl 2.1.19 |
||
cyrus sasl 2.1.20 |
||
cyrus sasl 2.1.18 |