CVE Vulnerabilities

CVE-2005-0373

Published: Oct 07, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.

Affected Software

Name Vendor Start Version End Version
Sasl Cyrus 2.1.16 2.1.16
Sasl Cyrus 2.1.13 2.1.13
Linux Conectiva 9.0 9.0
Sasl Cyrus 2.1.18_r1 2.1.18_r1
Sasl Cyrus 2.1.11 2.1.11
Openpkg Openpkg 2.1 2.1
Sasl Cyrus 1.5.24 1.5.24
Sasl Cyrus 1.5.27 1.5.27
Sasl Cyrus 2.1.14 2.1.14
Sasl Cyrus 1.5.28 1.5.28
Sasl Cyrus 2.1.18 2.1.18
Sasl Cyrus 2.1.12 2.1.12
Sasl Cyrus 2.1.17 2.1.17
Openpkg Openpkg 2.2 2.2
Suse_cvsup Suse 16.1h_36.i586 16.1h_36.i586
Linux Conectiva 10.0 10.0
Sasl Cyrus 2.1.9 2.1.9
Sasl Cyrus 2.1.10 2.1.10
Sasl Cyrus 2.1.15 2.1.15

References