DSA-4591-1 cyrus-sasl2 -- cyrus-sasl2ID: oval:org.secpod.oval:def:604655 | Date: (C)2019-12-26 (M)2023-12-20 |
Class: PATCH | Family: unix |
Stephan Zeisberg reported an out-of-bounds write vulnerability in the _sasl_add_string function in cyrus-sasl2, a library implementing the Simple Authentication and Security Layer. A remote attacker can take advantage of this issue to cause denial-of-service conditions for applications using the library.
Platform: |
Debian 10.x |
Debian 9.x |
Product: |
libsasl2-2 |
sasl2-bin |
libsasl2-dev |
libsasl2-modules |
cyrus-sasl2-doc |