Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-3368-1:55588
HistorySep 25, 2015 - 4:34 p.m.

[SECURITY] [DSA 3368-1] cyrus-sasl2 security update

2015-09-2516:34:56
lists.debian.org
11

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.008 Low

EPSS

Percentile

82.0%

JSON

Debian Security Advisory DSA-3368-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
September 25, 2015 https://www.debian.org/security/faq

Package : cyrus-sasl2
CVE ID : CVE-2013-4122
Debian Bug : 784112

It was discovered that cyrus-sasl2, a library implementing the Simple
Authentication and Security Layer, does not properly handle certain
invalid password salts. A remote attacker can take advantage of this
flaw to cause a denial of service.

For the stable distribution (jessie), this problem has been fixed in
version 2.1.26.dfsg1-13+deb8u1.

For the unstable distribution (sid), this problem has been fixed in
version 2.1.26.dfsg1-14.

We recommend that you upgrade your cyrus-sasl2 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian8allcyrus-sasl2< 2.1.26.dfsg1-13+deb8u1cyrus-sasl2_2.1.26.dfsg1-13+deb8u1_all.deb

Related

prion 1
nessus 6
securityvulns 2
gentoo 1
seebug 1
debiancve 1
openvas 7
cvelist 1
f5 2
osv 1
ubuntu 2
ubuntucve 1
alpinelinux 1
debian 1
cve 1
amazon 1
prion
prion
Null pointer dereference
2013-10-27 00:55:00
nessus
nessus
Amazon Linux AMI : cyrus-sasl (ALAS-2014-338)
2014-10-12 00:00:00
GLSA-201309-01 : Cyrus-SASL: Denial of Service
2013-09-02 00:00:00
Debian DSA-3368-1 : cyrus-sasl2 - security update
2015-09-28 00:00:00
securityvulns
securityvulns
[USN-1988-1] Cyrus SASL vulnerability
2013-10-12 00:00:00
Cyrus SASL DoS
2013-10-12 00:00:00
gentoo
gentoo
Cyrus-SASL: Denial of service
2013-09-01 00:00:00
seebug
seebug
F5 ARX Series Cyrus SASL空指针引用漏洞
2014-01-20 00:00:00
debiancve
debiancve
CVE-2013-4122
2013-10-27 00:55:00
openvas
openvas
Ubuntu: Security Advisory (USN-1988-1)
2022-08-26 00:00:00
Debian Security Advisory DSA 3368-1 (cyrus-sasl2 - security update)
2015-09-25 00:00:00
Ubuntu: Security Advisory (USN-2755-1)
2015-10-01 00:00:00
cvelist
cvelist
CVE-2013-4122
2013-10-27 00:00:00
f5
f5
K14901 : SASL vulnerability CVE-2013-4122
2014-01-14 00:00:00
SOL14901 - SASL vulnerability CVE-2013-4122
2014-01-14 00:00:00
osv
osv
CVE-2013-4122
2013-10-27 00:55:00
ubuntu
ubuntu
Cyrus SASL vulnerability
2015-09-30 00:00:00
Cyrus SASL vulnerability
2013-10-09 00:00:00
ubuntucve
ubuntucve
CVE-2013-4122
2013-07-18 00:00:00
alpinelinux
alpinelinux
CVE-2013-4122
2013-10-27 00:55:00
debian
debian
[SECURITY] [DSA 3368-1] cyrus-sasl2 security update
2015-09-25 16:34:38
cve
cve
CVE-2013-4122
2013-10-27 00:55:00
amazon
amazon
Medium: cyrus-sasl
2014-05-13 16:37:00

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.008 Low

EPSS

Percentile

82.0%

JSON
Related for DEBIAN:DSA-3368-1:55588
prion1nessus6securityvulns2gentoo1seebug1debiancve1openvas7cvelist1f52osv1ubuntu2ubuntucve1alpinelinux1debian1cve1amazon1