Download
| Alert*
oval:org.secpod.oval:def:64605
The host is installed with Apple Mac OS X 10.15.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an input validation issue. Successful exploitation allows a remote attacker to cause a limited out-of-bounds write, resulting in a ... oval:org.secpod.oval:def:61480 Stephan Zeisberg reported an out-of-bounds write vulnerability in the _sasl_add_string function in libsasl2-dev, a library implementing the Simple Authentication and Security Layer. A remote attacker can take advantage of this issue to cause denial-of-service conditions for applications using the li ... oval:org.secpod.oval:def:89002956 This update for cyrus-sasl fixes the following issues: - CVE-2019-19906: Fixed an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet . oval:org.secpod.oval:def:61795 cyrus-sasl2: Cyrus Simple Authentication and Security Layer Cyrus SASL could be made to crash or execute arbitrary code if it received a specially crafted LDAP packet. oval:org.secpod.oval:def:504745 The cyrus-sasl packages contain the Cyrus implementation of Simple Authentication and Security Layer . SASL is a method for adding authentication support to connection-based protocols. Security Fix: * cyrus-sasl: denial of service in _sasl_add_string function For more details about the security iss ... oval:org.secpod.oval:def:67969 The cyrus-sasl packages contain the Cyrus implementation of Simple Authentication and Security Layer . SASL is a method for adding authentication support to connection-based protocols. Security Fix: * cyrus-sasl: denial of service in _sasl_add_string function For more details about the security iss ... oval:org.secpod.oval:def:64590 The host is missing a security update according to Apple advisory, APPLE-SA-2020-07-15-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allow remote attackers to execute arbitrary code or ... oval:org.secpod.oval:def:1801648 Cyrus-sasl 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl. oval:org.secpod.oval:def:89995 The remote host is missing a patch 142397-02 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:89994 The remote host is missing a patch 142398-02 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:89000623 This update for cyrus-sasl fixes the following issues: - CVE-2019-19906: Fixed an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet . oval:org.secpod.oval:def:705355 cyrus-sasl2: Cyrus Simple Authentication and Security Layer Cyrus SASL could be made to crash or execute arbitrary code if it received a specially crafted LDAP packet. oval:org.secpod.oval:def:604655 Stephan Zeisberg reported an out-of-bounds write vulnerability in the _sasl_add_string function in cyrus-sasl2, a library implementing the Simple Authentication and Security Layer. A remote attacker can take advantage of this issue to cause denial-of-service conditions for applications using the lib ... oval:org.secpod.oval:def:1504421 [2.1.27-5] - Reduce excessive GSSAPI plugin logging - Resolves: rhbz#1274734 [2.1.27-4] - Add support for setting maxssf=0 in GSS-SPNEGO - Resolves: rhbz#1822133 [2.1.27-3] - Backport GSSAPI Channel Bindings support - Resolves: rhbz#1817054 [2.1.27-2] - Backport fix for CVE-2019-19906 - Resolves: rh ... oval:org.secpod.oval:def:69931 Stephan Zeisberg reported an out-of-bounds write vulnerability in the _sasl_add_string function in libsasl2-dev, a library implementing the Simple Authentication and Security Layer. A remote attacker can take advantage of this issue to cause denial-of-service conditions for applications using the li ... oval:org.secpod.oval:def:89047051 This update for cyrus-sasl fixes the following issues: - CVE-2019-19906: Fixed an out-of-bounds write that could lead to unauthenticated remote denial of service in OpenLDAP via a malformed LDAP packet . oval:org.secpod.oval:def:2107643 Oracle Solaris 11 - ( CVE-2022-24407 ) oval:org.secpod.oval:def:2500067 The cyrus-sasl packages contain the Cyrus implementation of Simple Authentication and Security Layer . SASL is a method for adding authentication support to connection-based protocols. |