logo
DATABASE RESOURCES PRICING ABOUT US

Ubuntu 16.04 LTS : Cyrus SASL vulnerability (USN-5301-2)

Description

The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5301-2 advisory. - In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. (CVE-2022-24407) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.


Related