[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-1721Date: (C)2006-04-11   (M)2023-12-22


digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions before 2.1.21, allows remote unauthenticated attackers to cause a denial of service (segmentation fault) via malformed inputs in DIGEST-MD5 negotiation.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 2.6
Exploit Score: 4.9
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECTRACK-1016960
BID-17446
SECUNIA-19618
SECUNIA-19753
SECUNIA-19809
SECUNIA-19825
SECUNIA-19964
SECUNIA-20014
2006-0024
http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044992.html
20070901-01-P
http://www.securityfocus.com/archive/1/493080/100/0/threaded
SECUNIA-22187
SECUNIA-26708
SECUNIA-26857
SECUNIA-27237
SECUNIA-30535
ADV-2006-1306
ADV-2006-3852
ADV-2008-1744
APPLE-SA-2006-09-29
DSA-1042
GLSA-200604-09
MDKSA-2006:073
RHSA-2007:0795
RHSA-2007:0878
SUSE-SA:2006:025
USN-272-1
cyrus-sasl-digest-dos(25738)
http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-sasl&msg=7775
http://labs.musecurity.com/advisories/MU-200604-01.txt
http://support.avaya.com/elmodocs2/security/ASA-2007-426.htm
http://www.vmware.com/security/advisories/VMSA-2008-0009.html
oval:org.mitre.oval:def:9861

CWE    1
CWE-20

© SecPod Technologies