The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Cyrus SASL

Sudo: privilege escalation via Nonexistent User
An attacker can bypass restrictions via Nonexistent User of Sudo, in order to escalate his privileges...
bulletinapr2020, CVE-2019-19232, FEDORA-2020-8b563bc5f4, RHSA-2020:1804-01, VIGILANCE-VUL-31205
Cyrus SASL: denial of service via saslauthd ipc_doors.c
An attacker can generate a fatal error via saslauthd ipc_doors.c of Cyrus SASL, in order to trigger a denial of service...
VIGILANCE-VUL-27834
Cyrus SASL: denial of service via crypt
An attacker can use a malformed salt during the authentication to Cyrus SASL, in order to stop the service...
BID-61164, CVE-2013-4122, DSA-3368-1, USN-2755-1, VIGILANCE-VUL-13108
OpenSSL, OpenLDAP, Cyrus-SASL: privilege escalation via setuid/dump
An attacker can use applications linked to OpenSSL, OpenLDAP and Cyrus-SASL libraries, in order to elevate his privileges or to overwrite a file...
VIGILANCE-VUL-10672
Cyrus SASL: buffer overflow of sasl_encode64
An attacker can generate an overflow in applications linked to Cyrus SASL and using the sasl_encode64() function...
259148, 264248, 6836899, 6843063, BID-34961, CERTA-2002-AVI-235, CVE-2009-0688, DSA-1807-1, MDVSA-2009:113, MDVSA-2009:113-1, RHSA-2009:1116-01, SSA:2009-134-01, SUSE-SR:2009:011, VIGILANCE-VUL-8715, VU#238019
Cyrus SASL: denial of service of DIGEST-MD5
An unauthenticated attacker can generate an error during DIGEST-MD5 negotiation in order to lead to a denial of service...
20070901-01-P, BID-17446, CERTA-2002-AVI-144, CERTA-2006-AVI-416, CVE-2006-1721, DSA-1042-1, FEDORA-2006-515, MDKSA-2006:073, MU-200604-01, RHSA-2007:0795-01, RHSA-2007:0878-01, SUSE-SA:2006:025, VIGILANCE-VUL-5753, VMSA-2008-0009, VMSA-2008-0009.1, VMSA-2008-0009.2
Cyrus SASL : buffer overflow de digestmd5.c
Un attaquant peut accroître ses privilèges en utilisant un buffer overflow de Cyrus SASL...
BID-11347, CVE-2005-0373, MDKSA-2005:054, SUSE-SA:2005:013, V6-UNIXCYRUSSASLDIGESTMD5, VIGILANCE-VUL-4798
Cyrus SASL : accroissement de privilèges
Un attaquant local peut employer Cyrus SASL pour accroître ses privilèges...
20041003-01-U, BID-11347, CVE-2004-0884, DSA-563, DSA-563-3, DSA-568, DSA-568-1, FEDORA-2004-332, FLSA-2137, FLSA:2137, MDKSA-2004:106, RHSA-2004:546, SGI 20041003, V6-UNIXCYRUSSASLPATH, VIGILANCE-VUL-4432
Buffer overflow de Cyrus SASL à l'aide d'un long nom de login
En utilisant un nom de login trop long, un attaquant pourrait faire exécuter du code sur le serveur SASL...
BID-6347, CVE-2002-1347, RHSA-2002:283, V6-UNIXCYRUSSASLUSERCAN, VIGILANCE-VUL-3197
Buffer overflow de Cyrus SASL lors de la journalisation
Lorsque la bibliothèque SASL journalise certains évènements, un buffer overflow d'un seul octet peut se produire...
BID-6349, CVE-2002-1347, RHSA-2002:283, V6-UNIXCYRUSSASLLOG0BOF, VIGILANCE-VUL-3196
Our database contains other pages. You can request a free trial to read them.

Display information about Cyrus SASL: