Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2013-4122

Опубликовано: 27 окт. 2013
Источник: ubuntu
Приоритет: medium
CVSS2: 4.3

Описание

Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and consumption) via (1) an invalid salt or, when FIPS-140 is enabled, a (2) DES or (3) MD5 encrypted password, which triggers a NULL pointer dereference.

РелизСтатусПримечание
devel

released

2.1.26.dfsg1-14
esm-infra-legacy/trusty

not-affected

2.1.25.dfsg1-17
lucid

not-affected

precise

not-affected

quantal

not-affected

raring

released

2.1.25.dfsg1-6ubuntu0.1
trusty

not-affected

2.1.25.dfsg1-17
trusty/esm

not-affected

2.1.25.dfsg1-17
upstream

released

2.1.26.dfsg1-14
vivid

released

2.1.26.dfsg1-13ubuntu0.1

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2013-4122

redhat
больше 12 лет назад

Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and consumption) via (1) an invalid salt or, when FIPS-140 is enabled, a (2) DES or (3) MD5 encrypted password, which triggers a NULL pointer dereference.

nvd логотип

CVE-2013-4122

nvd
больше 12 лет назад

Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and consumption) via (1) an invalid salt or, when FIPS-140 is enabled, a (2) DES or (3) MD5 encrypted password, which triggers a NULL pointer dereference.

debian логотип

CVE-2013-4122

debian
больше 12 лет назад

Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a ...

github логотип

GHSA-pwpx-m778-r79w

github
больше 3 лет назад

Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and consumption) via (1) an invalid salt or, when FIPS-140 is enabled, a (2) DES or (3) MD5 encrypted password, which triggers a NULL pointer dereference.

fstec логотип

BDU:2015-09740

fstec
больше 12 лет назад

Уязвимость операционной системы Gentoo Linux, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации

4.3 Medium

CVSS2