Описание
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | cyrus-sasl | Out of support scope | ||
| Red Hat Enterprise Linux 6 | cyrus-sasl | Out of support scope | ||
| Red Hat Enterprise Linux 7 | cyrus-sasl | Will not fix | ||
| Red Hat JBoss Enterprise Web Server 2 | cyrus-sasl | Out of support scope | ||
| Red Hat Enterprise Linux 8 | cyrus-sasl | Fixed | RHSA-2020:4497 | 04.11.2020 |
| Red Hat Enterprise Linux 8 | cyrus-sasl | Fixed | RHSA-2020:4497 | 04.11.2020 |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading ...
7.5 High
CVSS3