Описание
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.1.27~101-g0780600+dfsg-3ubuntu2.1 |
| devel | released | 2.1.17+dfsg-2 |
| disco | ignored | end of life |
| eoan | released | 2.1.27+dfsg-1ubuntu0.1 |
| esm-infra-legacy/trusty | released | 2.1.25.dfsg1-17ubuntu0.1~esm1 |
| esm-infra/bionic | released | 2.1.27~101-g0780600+dfsg-3ubuntu2.1 |
| esm-infra/xenial | released | 2.1.26.dfsg1-14ubuntu0.2 |
| precise/esm | not-affected | 2.1.25.dfsg1-3ubuntu0.2 |
| trusty | ignored | end of standard support |
| trusty/esm | released | 2.1.25.dfsg1-17ubuntu0.1~esm1 |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading ...
EPSS
5 Medium
CVSS2
7.5 High
CVSS3