Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.
References
Link | Resource |
---|---|
http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml | Patch Vendor Advisory |
http://www.linuxcompatible.org/print42495.html | Patch Vendor Advisory |
http://www.mandriva.com/security/advisories?name=MDKSA-2005:054 | |
http://www.monkey.org/openbsd/archive/ports/0407/msg00265.html | Patch Vendor Advisory |
http://www.securityfocus.com/bid/11347 | Patch Vendor Advisory |
https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170&r2=1.171 | Vendor Advisory |
https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171&content-type=text/x-cvsweb-markup | Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/17642 |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
No history.
Information
Published : 2004-10-07 04:00
Updated : 2024-02-04 16:31
NVD link : CVE-2005-0373
Mitre link : CVE-2005-0373
CVE.ORG link : CVE-2005-0373
JSON object : View
Products Affected
apple
- mac_os_x_server
- mac_os_x
suse
- suse_linux
- suse_cvsup
redhat
- fedora_core
cyrus
- sasl
openpkg
- openpkg
conectiva
- linux
CWE