ID OPENVAS:1361412562310703368 Type openvas Reporter Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net Modified 2019-03-18T00:00:00
Description
It was discovered that cyrus-sasl2, a library implementing the Simple
Authentication and Security Layer, does not properly handle certain
invalid password salts. A remote attacker can take advantage of this
flaw to cause a denial of service.
# OpenVAS Vulnerability Test
# $Id: deb_3368.nasl 14275 2019-03-18 14:39:45Z cfischer $
# Auto-generated from advisory DSA 3368-1 using nvtgen 1.0
# Script version: 1.0
#
# Author:
# Greenbone Networks
#
# Copyright:
# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.703368");
script_version("$Revision: 14275 $");
script_cve_id("CVE-2013-4122");
script_name("Debian Security Advisory DSA 3368-1 (cyrus-sasl2 - security update)");
script_tag(name:"last_modification", value:"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $");
script_tag(name:"creation_date", value:"2015-09-25 00:00:00 +0200 (Fri, 25 Sep 2015)");
script_tag(name:"cvss_base", value:"4.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
script_xref(name:"URL", value:"http://www.debian.org/security/2015/dsa-3368.html");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB8");
script_tag(name:"affected", value:"cyrus-sasl2 on Debian Linux");
script_tag(name:"solution", value:"For the stable distribution (jessie), this problem has been fixed in
version 2.1.26.dfsg1-13+deb8u1.
For the unstable distribution (sid), this problem has been fixed in
version 2.1.26.dfsg1-14.
We recommend that you upgrade your cyrus-sasl2 packages.");
script_tag(name:"summary", value:"It was discovered that cyrus-sasl2, a library implementing the Simple
Authentication and Security Layer, does not properly handle certain
invalid password salts. A remote attacker can take advantage of this
flaw to cause a denial of service.");
script_tag(name:"vuldetect", value:"This check tests the installed software version using the apt package manager.");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
res = "";
report = "";
if((res = isdpkgvuln(pkg:"cyrus-sasl2-dbg", ver:"2.1.26.dfsg1-13+deb8u1", rls:"DEB8")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"cyrus-sasl2-doc", ver:"2.1.26.dfsg1-13+deb8u1", rls:"DEB8")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"cyrus-sasl2-heimdal-dbg", ver:"2.1.26.dfsg1-13+deb8u1", rls:"DEB8")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"cyrus-sasl2-mit-dbg", ver:"2.1.26.dfsg1-13+deb8u1", rls:"DEB8")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libsasl2-2", ver:"2.1.26.dfsg1-13+deb8u1", rls:"DEB8")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libsasl2-dev", ver:"2.1.26.dfsg1-13+deb8u1", rls:"DEB8")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libsasl2-modules", ver:"2.1.26.dfsg1-13+deb8u1", rls:"DEB8")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libsasl2-modules-db", ver:"2.1.26.dfsg1-13+deb8u1", rls:"DEB8")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libsasl2-modules-gssapi-heimdal", ver:"2.1.26.dfsg1-13+deb8u1", rls:"DEB8")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libsasl2-modules-gssapi-mit", ver:"2.1.26.dfsg1-13+deb8u1", rls:"DEB8")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libsasl2-modules-ldap", ver:"2.1.26.dfsg1-13+deb8u1", rls:"DEB8")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libsasl2-modules-otp", ver:"2.1.26.dfsg1-13+deb8u1", rls:"DEB8")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"libsasl2-modules-sql", ver:"2.1.26.dfsg1-13+deb8u1", rls:"DEB8")) != NULL) {
report += res;
}
if((res = isdpkgvuln(pkg:"sasl2-bin", ver:"2.1.26.dfsg1-13+deb8u1", rls:"DEB8")) != NULL) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99);
}
{"id": "OPENVAS:1361412562310703368", "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 3368-1 (cyrus-sasl2 - security update)", "description": "It was discovered that cyrus-sasl2, a library implementing the Simple\nAuthentication and Security Layer, does not properly handle certain\ninvalid password salts. A remote attacker can take advantage of this\nflaw to cause a denial of service.", "published": "2015-09-25T00:00:00", "modified": "2019-03-18T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703368", "reporter": "Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net", "references": ["http://www.debian.org/security/2015/dsa-3368.html"], "cvelist": ["CVE-2013-4122"], "lastseen": "2019-05-29T18:37:07", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-4122"]}, {"type": "f5", "idList": ["SOL14901"]}, {"type": "seebug", "idList": ["SSV:61356"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562311220191173", "OPENVAS:1361412562310120043", "OPENVAS:1361412562310121015", "OPENVAS:1361412562310842471", "OPENVAS:703368"]}, {"type": "nessus", "idList": ["EULEROS_SA-2019-1173.NASL", "UBUNTU_USN-1988-1.NASL", "GENTOO_GLSA-201309-01.NASL", "ALA_ALAS-2014-338.NASL", "DEBIAN_DSA-3368.NASL", "UBUNTU_USN-2755-1.NASL"]}, {"type": "ubuntu", "idList": ["USN-2755-1", "USN-1988-1"]}, {"type": "amazon", "idList": ["ALAS-2014-338"]}, {"type": "gentoo", "idList": ["GLSA-201309-01"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29933", "SECURITYVULNS:VULN:13363"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3368-1:55588"]}], "modified": "2019-05-29T18:37:07", "rev": 2}, "score": {"value": 5.8, "vector": "NONE", "modified": "2019-05-29T18:37:07", "rev": 2}, "vulnersScore": 5.8}, "pluginID": "1361412562310703368", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3368.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 3368-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703368\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2013-4122\");\n script_name(\"Debian Security Advisory DSA 3368-1 (cyrus-sasl2 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-25 00:00:00 +0200 (Fri, 25 Sep 2015)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3368.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"cyrus-sasl2 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie), this problem has been fixed in\nversion 2.1.26.dfsg1-13+deb8u1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.1.26.dfsg1-14.\n\nWe recommend that you upgrade your cyrus-sasl2 packages.\");\n script_tag(name:\"summary\", value:\"It was discovered that cyrus-sasl2, a library implementing the Simple\nAuthentication and Security Layer, does not properly handle certain\ninvalid password salts. A remote attacker can take advantage of this\nflaw to cause a denial of service.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"cyrus-sasl2-dbg\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cyrus-sasl2-doc\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cyrus-sasl2-heimdal-dbg\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"cyrus-sasl2-mit-dbg\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsasl2-2\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsasl2-dev\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsasl2-modules\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsasl2-modules-db\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsasl2-modules-gssapi-heimdal\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsasl2-modules-gssapi-mit\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsasl2-modules-ldap\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsasl2-modules-otp\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libsasl2-modules-sql\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"sasl2-bin\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "naslFamily": "Debian Local Security Checks"}
{"cve": [{"lastseen": "2020-12-09T19:52:44", "description": "Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and consumption) via (1) an invalid salt or, when FIPS-140 is enabled, a (2) DES or (3) MD5 encrypted password, which triggers a NULL pointer dereference.", "edition": 5, "cvss3": {}, "published": "2013-10-27T00:55:00", "title": "CVE-2013-4122", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4122"], "modified": "2016-12-08T03:03:00", "cpe": ["cpe:/a:cmu:cyrus-sasl:2.1.20", "cpe:/a:cmu:cyrus-sasl:2.1.26", "cpe:/a:cmu:cyrus-sasl:2.1.23", "cpe:/a:cmu:cyrus-sasl:2.1.24", "cpe:/a:cmu:cyrus-sasl:2.1.21", "cpe:/a:cmu:cyrus-sasl:2.1.22", "cpe:/a:cmu:cyrus-sasl:2.1.19", "cpe:/a:cmu:cyrus-sasl:2.1.25", "cpe:/a:cmu:cyrus-sasl:1.5.28"], "id": "CVE-2013-4122", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4122", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:cmu:cyrus-sasl:2.1.24:*:*:*:*:*:*:*", "cpe:2.3:a:cmu:cyrus-sasl:2.1.21:*:*:*:*:*:*:*", "cpe:2.3:a:cmu:cyrus-sasl:2.1.19:*:*:*:*:*:*:*", "cpe:2.3:a:cmu:cyrus-sasl:2.1.25:*:*:*:*:*:*:*", "cpe:2.3:a:cmu:cyrus-sasl:2.1.23:*:*:*:*:*:*:*", "cpe:2.3:a:cmu:cyrus-sasl:2.1.22:*:*:*:*:*:*:*", "cpe:2.3:a:cmu:cyrus-sasl:1.5.28:*:*:*:*:*:*:*", "cpe:2.3:a:cmu:cyrus-sasl:2.1.20:*:*:*:*:*:*:*", "cpe:2.3:a:cmu:cyrus-sasl:2.1.26:*:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2016-09-26T17:23:14", "bulletinFamily": "software", "cvelist": ["CVE-2013-4122"], "edition": 1, "description": "Recommended Action\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents.\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "modified": "2014-01-14T00:00:00", "published": "2014-01-14T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/14000/900/sol14901.html", "id": "SOL14901", "title": "SOL14901 - SASL vulnerability CVE-2013-4122", "type": "f5", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2020-07-09T00:33:39", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4122"], "description": "It was discovered that Cyrus SASL incorrectly handled certain invalid \npassword salts. An attacker could use this issue to cause Cyrus SASL to \ncrash, resulting in a denial of service.", "edition": 5, "modified": "2013-10-09T00:00:00", "published": "2013-10-09T00:00:00", "id": "USN-1988-1", "href": "https://ubuntu.com/security/notices/USN-1988-1", "title": "Cyrus SASL vulnerability", "type": "ubuntu", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-08T23:29:45", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4122"], "description": "It was discovered that Cyrus SASL incorrectly handled certain invalid \npassword salts. An attacker could use this issue to cause Cyrus SASL to \ncrash, resulting in a denial of service.", "edition": 5, "modified": "2015-09-30T00:00:00", "published": "2015-09-30T00:00:00", "id": "USN-2755-1", "href": "https://ubuntu.com/security/notices/USN-2755-1", "title": "Cyrus SASL vulnerability", "type": "ubuntu", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2017-07-24T12:52:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4122"], "description": "It was discovered that cyrus-sasl2, a library implementing the Simple\nAuthentication and Security Layer, does not properly handle certain\ninvalid password salts. A remote attacker can take advantage of this\nflaw to cause a denial of service.", "modified": "2017-07-07T00:00:00", "published": "2015-09-25T00:00:00", "id": "OPENVAS:703368", "href": "http://plugins.openvas.org/nasl.php?oid=703368", "type": "openvas", "title": "Debian Security Advisory DSA 3368-1 (cyrus-sasl2 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3368.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3368-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703368);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2013-4122\");\n script_name(\"Debian Security Advisory DSA 3368-1 (cyrus-sasl2 - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-09-25 00:00:00 +0200 (Fri, 25 Sep 2015)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3368.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"cyrus-sasl2 on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie), this problem has been fixed in\nversion 2.1.26.dfsg1-13+deb8u1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.1.26.dfsg1-14.\n\nWe recommend that you upgrade your cyrus-sasl2 packages.\");\n script_tag(name: \"summary\", value: \"It was discovered that cyrus-sasl2, a library implementing the Simple\nAuthentication and Security Layer, does not properly handle certain\ninvalid password salts. A remote attacker can take advantage of this\nflaw to cause a denial of service.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"cyrus-sasl2-dbg\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cyrus-sasl2-doc\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cyrus-sasl2-heimdal-dbg\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"cyrus-sasl2-mit-dbg\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-2\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-dev\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-db\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-gssapi-heimdal\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-gssapi-mit\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-ldap\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-otp\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libsasl2-modules-sql\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sasl2-bin\", ver:\"2.1.26.dfsg1-13+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4122"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2015-10-01T00:00:00", "id": "OPENVAS:1361412562310842471", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842471", "type": "openvas", "title": "Ubuntu Update for cyrus-sasl2 USN-2755-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for cyrus-sasl2 USN-2755-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842471\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-01 07:12:56 +0200 (Thu, 01 Oct 2015)\");\n script_cve_id(\"CVE-2013-4122\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for cyrus-sasl2 USN-2755-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'cyrus-sasl2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that Cyrus SASL\nincorrectly handled certain invalid password salts. An attacker could use this\nissue to cause Cyrus SASL to crash, resulting in a denial of service.\");\n script_tag(name:\"affected\", value:\"cyrus-sasl2 on Ubuntu 15.04\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2755-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2755-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU15\\.04\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU15.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libsasl2-2:amd64\", ver:\"2.1.26.dfsg1-13ubuntu0.1\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libsasl2-2:i386\", ver:\"2.1.26.dfsg1-13ubuntu0.1\", rls:\"UBUNTU15.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-03-17T23:00:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4122"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120043", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120043", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2014-338)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120043\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:16:03 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2014-338)\");\n script_tag(name:\"insight\", value:\"Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and consumption) via (1) an invalid salt or, when FIPS-140 is enabled, a (2) DES or (3) MD5 encrypted password, which triggers a NULL pointer dereference.\");\n script_tag(name:\"solution\", value:\"Run yum update cyrus-sasl to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-338.html\");\n script_cve_id(\"CVE-2013-4122\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"cyrus-sasl-ldap\", rpm:\"cyrus-sasl-ldap~2.1.23~13.14.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cyrus-sasl-ntlm\", rpm:\"cyrus-sasl-ntlm~2.1.23~13.14.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cyrus-sasl-debuginfo\", rpm:\"cyrus-sasl-debuginfo~2.1.23~13.14.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cyrus-sasl-sql\", rpm:\"cyrus-sasl-sql~2.1.23~13.14.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cyrus-sasl-lib\", rpm:\"cyrus-sasl-lib~2.1.23~13.14.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cyrus-sasl-plain\", rpm:\"cyrus-sasl-plain~2.1.23~13.14.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cyrus-sasl-devel\", rpm:\"cyrus-sasl-devel~2.1.23~13.14.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cyrus-sasl-gssapi\", rpm:\"cyrus-sasl-gssapi~2.1.23~13.14.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cyrus-sasl\", rpm:\"cyrus-sasl~2.1.23~13.14.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cyrus-sasl-md5\", rpm:\"cyrus-sasl-md5~2.1.23~13.14.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4122"], "description": "Gentoo Linux Local Security Checks GLSA 201309-01", "modified": "2018-10-26T00:00:00", "published": "2015-09-29T00:00:00", "id": "OPENVAS:1361412562310121015", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121015", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201309-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201309-01.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121015\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:25:45 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201309-01\");\n script_tag(name:\"insight\", value:\"In the GNU C Library (glibc) from version 2.17 onwards, the crypt() function call can return NULL when the salt violates specifications or the system is in FIPS-140 mode and a DES or MD5 hashed password is passed. When Cyrus-SASLs authentication mechanisms call crypt(), a NULL may be returned.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201309-01\");\n script_cve_id(\"CVE-2013-4122\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201309-01\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"dev-libs/cyrus-sasl\", unaffected: make_list(\"ge 2.1.26-r3\"), vulnerable: make_list(\"lt 2.1.26-r3\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:36:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4122"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191173", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191173", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for cyrus-sasl (EulerOS-SA-2019-1173)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1173\");\n script_version(\"2020-01-23T11:33:40+0000\");\n script_cve_id(\"CVE-2013-4122\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:33:40 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:33:40 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for cyrus-sasl (EulerOS-SA-2019-1173)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1173\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1173\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'cyrus-sasl' package(s) announced via the EulerOS-SA-2019-1173 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and consumption) via (1) an invalid salt or, when FIPS-140 is enabled, a (2) DES or (3) MD5 encrypted password, which triggers a NULL pointer dereference.CVE-2013-4122\");\n\n script_tag(name:\"affected\", value:\"'cyrus-sasl' package(s) on Huawei EulerOS Virtualization 2.5.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"cyrus-sasl\", rpm:\"cyrus-sasl~2.1.26~20\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cyrus-sasl-gssapi\", rpm:\"cyrus-sasl-gssapi~2.1.26~20\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cyrus-sasl-lib\", rpm:\"cyrus-sasl-lib~2.1.26~20\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cyrus-sasl-md5\", rpm:\"cyrus-sasl-md5~2.1.26~20\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cyrus-sasl-plain\", rpm:\"cyrus-sasl-plain~2.1.26~20\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:12", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4122"], "description": "### Background\n\nCyrus-SASL is an implementation of the Simple Authentication and Security Layer. \n\n### Description\n\nIn the GNU C Library (glibc) from version 2.17 onwards, the crypt() function call can return NULL when the salt violates specifications or the system is in FIPS-140 mode and a DES or MD5 hashed password is passed. When Cyrus-SASL\u2019s authentication mechanisms call crypt(), a NULL may be returned. \n\n### Impact\n\nA remote attacker could trigger this vulnerability to cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Cyrus-SASL users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/cyrus-sasl-2.1.26-r3\"", "edition": 1, "modified": "2013-09-01T00:00:00", "published": "2013-09-01T00:00:00", "id": "GLSA-201309-01", "href": "https://security.gentoo.org/glsa/201309-01", "type": "gentoo", "title": "Cyrus-SASL: Denial of Service", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:53", "bulletinFamily": "software", "cvelist": ["CVE-2013-4122"], "description": "Crash on some values for password's salt.", "edition": 1, "modified": "2013-10-12T00:00:00", "published": "2013-10-12T00:00:00", "id": "SECURITYVULNS:VULN:13363", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13363", "title": "Cyrus SASL DoS", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:49", "bulletinFamily": "software", "cvelist": ["CVE-2013-4122"], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-1988-1\r\nOctober 09, 2013\r\n\r\ncyrus-sasl2 vulnerability\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 13.04\r\n\r\nSummary:\r\n\r\nCyrus SASL could be made to crash if it processed specially crafted input.\r\n\r\nSoftware Description:\r\n- cyrus-sasl2: Cyrus Simple Authentication and Security Layer\r\n\r\nDetails:\r\n\r\nIt was discovered that Cyrus SASL incorrectly handled certain invalid\r\npassword salts. An attacker could use this issue to cause Cyrus SASL to\r\ncrash, resulting in a denial of service.\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 13.04:\r\n libsasl2-2 2.1.25.dfsg1-6ubuntu0.1\r\n\r\nAfter a standard system update you need to reboot your computer to make all\r\nthe necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-1988-1\r\n CVE-2013-4122\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/cyrus-sasl2/2.1.25.dfsg1-6ubuntu0.1\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "edition": 1, "modified": "2013-10-12T00:00:00", "published": "2013-10-12T00:00:00", "id": "SECURITYVULNS:DOC:29933", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29933", "title": "[USN-1988-1] Cyrus SASL vulnerability", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "debian": [{"lastseen": "2020-08-12T00:57:28", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4122"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3368-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nSeptember 25, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : cyrus-sasl2\nCVE ID : CVE-2013-4122\nDebian Bug : 784112\n\nIt was discovered that cyrus-sasl2, a library implementing the Simple\nAuthentication and Security Layer, does not properly handle certain\ninvalid password salts. A remote attacker can take advantage of this\nflaw to cause a denial of service.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2.1.26.dfsg1-13+deb8u1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.1.26.dfsg1-14.\n\nWe recommend that you upgrade your cyrus-sasl2 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 10, "modified": "2015-09-25T16:34:56", "published": "2015-09-25T16:34:56", "id": "DEBIAN:DSA-3368-1:55588", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00267.html", "title": "[SECURITY] [DSA 3368-1] cyrus-sasl2 security update", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:37:02", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4122"], "description": "**Issue Overview:**\n\nCyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and consumption) via (1) an invalid salt or, when FIPS-140 is enabled, a (2) DES or (3) MD5 encrypted password, which triggers a NULL pointer dereference.\n\n \n**Affected Packages:** \n\n\ncyrus-sasl\n\n \n**Issue Correction:** \nRun _yum update cyrus-sasl_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n cyrus-sasl-ldap-2.1.23-13.14.amzn1.i686 \n cyrus-sasl-ntlm-2.1.23-13.14.amzn1.i686 \n cyrus-sasl-debuginfo-2.1.23-13.14.amzn1.i686 \n cyrus-sasl-sql-2.1.23-13.14.amzn1.i686 \n cyrus-sasl-lib-2.1.23-13.14.amzn1.i686 \n cyrus-sasl-plain-2.1.23-13.14.amzn1.i686 \n cyrus-sasl-devel-2.1.23-13.14.amzn1.i686 \n cyrus-sasl-gssapi-2.1.23-13.14.amzn1.i686 \n cyrus-sasl-2.1.23-13.14.amzn1.i686 \n cyrus-sasl-md5-2.1.23-13.14.amzn1.i686 \n \n src: \n cyrus-sasl-2.1.23-13.14.amzn1.src \n \n x86_64: \n cyrus-sasl-ntlm-2.1.23-13.14.amzn1.x86_64 \n cyrus-sasl-ldap-2.1.23-13.14.amzn1.x86_64 \n cyrus-sasl-debuginfo-2.1.23-13.14.amzn1.x86_64 \n cyrus-sasl-sql-2.1.23-13.14.amzn1.x86_64 \n cyrus-sasl-devel-2.1.23-13.14.amzn1.x86_64 \n cyrus-sasl-lib-2.1.23-13.14.amzn1.x86_64 \n cyrus-sasl-plain-2.1.23-13.14.amzn1.x86_64 \n cyrus-sasl-gssapi-2.1.23-13.14.amzn1.x86_64 \n cyrus-sasl-md5-2.1.23-13.14.amzn1.x86_64 \n cyrus-sasl-2.1.23-13.14.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2014-05-13T16:37:00", "published": "2014-05-13T16:37:00", "id": "ALAS-2014-338", "href": "https://alas.aws.amazon.com/ALAS-2014-338.html", "title": "Medium: cyrus-sasl", "type": "amazon", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "seebug": [{"lastseen": "2017-11-19T17:35:28", "description": "CVE ID:CVE-2013-4122\r\n\r\nF5 ARX Series\u662fF5\u516c\u53f8\u5f00\u53d1\u7684\u667a\u80fd\u6587\u4ef6\u5b58\u50a8\u7ba1\u7406\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\nF5 ARX Series\u76f8\u5173\u7684ARX\u7ba1\u7406\u914d\u7f6e\u5de5\u5177\u6240\u4f7f\u7528\u7684Cyrus SASL\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u8bf7\u6c42\u6267\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u4f7f\u7528LDAP\u6216\u8005Kerberos\u8fdb\u884c\u7528\u6237\u9a8c\u8bc1\u7684\u7cfb\u7edf\u53d7\u6b64\u6f0f\u6d1e\u5f71\u54cd\u3002\n0\nF5 ARX Series 6.x\n\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u89e3\u51b3\u65b9\u6848\u63d0\u4f9b\uff1a\r\nhttp://support.f5.com/kb/en-us/products/arx.html", "published": "2014-01-20T00:00:00", "type": "seebug", "title": "F5 ARX Series Cyrus SASL\u7a7a\u6307\u9488\u5f15\u7528\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2013-4122"], "modified": "2014-01-20T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61356", "id": "SSV:61356", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-07T08:55:03", "description": "According to the version of the cyrus-sasl packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - Cyrus SASL 2.1.23, 2.1.26, and earlier does not\n properly handle when a NULL value is returned upon an\n error by the crypt function as implemented in glibc\n 2.17 and later, which allows remote attackers to cause\n a denial of service (thread crash and consumption) via\n (1) an invalid salt or, when FIPS-140 is enabled, a (2)\n DES or (3) MD5 encrypted password, which triggers a\n NULL pointer dereference.i1/4^CVE-2013-4122i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 10, "published": "2019-04-09T00:00:00", "title": "EulerOS Virtualization 2.5.3 : cyrus-sasl (EulerOS-SA-2019-1173)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4122"], "modified": "2019-04-09T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:cyrus-sasl", "p-cpe:/a:huawei:euleros:cyrus-sasl-md5", "p-cpe:/a:huawei:euleros:cyrus-sasl-lib", "p-cpe:/a:huawei:euleros:cyrus-sasl-gssapi", "p-cpe:/a:huawei:euleros:cyrus-sasl-plain", "cpe:/o:huawei:euleros:uvp:2.5.3"], "id": "EULEROS_SA-2019-1173.NASL", "href": "https://www.tenable.com/plugins/nessus/123859", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123859);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2013-4122\"\n );\n script_bugtraq_id(\n 61164\n );\n\n script_name(english:\"EulerOS Virtualization 2.5.3 : cyrus-sasl (EulerOS-SA-2019-1173)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the cyrus-sasl packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerability :\n\n - Cyrus SASL 2.1.23, 2.1.26, and earlier does not\n properly handle when a NULL value is returned upon an\n error by the crypt function as implemented in glibc\n 2.17 and later, which allows remote attackers to cause\n a denial of service (thread crash and consumption) via\n (1) an invalid salt or, when FIPS-140 is enabled, a (2)\n DES or (3) MD5 encrypted password, which triggers a\n NULL pointer dereference.i1/4^CVE-2013-4122i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1173\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3624dd00\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected cyrus-sasl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:cyrus-sasl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:cyrus-sasl-gssapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:cyrus-sasl-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:cyrus-sasl-md5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:cyrus-sasl-plain\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.3\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.3\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.3\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"cyrus-sasl-2.1.26-20\",\n \"cyrus-sasl-gssapi-2.1.26-20\",\n \"cyrus-sasl-lib-2.1.26-20\",\n \"cyrus-sasl-md5-2.1.26-20\",\n \"cyrus-sasl-plain-2.1.26-20\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cyrus-sasl\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:54:37", "description": "The remote host is affected by the vulnerability described in GLSA-201309-01\n(Cyrus-SASL: Denial of Service)\n\n In the GNU C Library (glibc) from version 2.17 onwards, the crypt()\n function call can return NULL when the salt violates specifications or\n the system is in FIPS-140 mode and a DES or MD5 hashed password is\n passed. When Cyrus-SASL’s authentication mechanisms call crypt(), a\n NULL may be returned.\n \nImpact :\n\n A remote attacker could trigger this vulnerability to cause a Denial of\n Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 21, "published": "2013-09-02T00:00:00", "title": "GLSA-201309-01 : Cyrus-SASL: Denial of Service", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4122"], "modified": "2013-09-02T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:cyrus-sasl"], "id": "GENTOO_GLSA-201309-01.NASL", "href": "https://www.tenable.com/plugins/nessus/69538", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201309-01.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(69538);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-4122\");\n script_bugtraq_id(61164);\n script_xref(name:\"GLSA\", value:\"201309-01\");\n\n script_name(english:\"GLSA-201309-01 : Cyrus-SASL: Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201309-01\n(Cyrus-SASL: Denial of Service)\n\n In the GNU C Library (glibc) from version 2.17 onwards, the crypt()\n function call can return NULL when the salt violates specifications or\n the system is in FIPS-140 mode and a DES or MD5 hashed password is\n passed. When Cyrus-SASL’s authentication mechanisms call crypt(), a\n NULL may be returned.\n \nImpact :\n\n A remote attacker could trigger this vulnerability to cause a Denial of\n Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201309-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Cyrus-SASL users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/cyrus-sasl-2.1.26-r3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:cyrus-sasl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/cyrus-sasl\", unaffected:make_list(\"ge 2.1.26-r3\"), vulnerable:make_list(\"lt 2.1.26-r3\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Cyrus-SASL\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T09:49:15", "description": "It was discovered that cyrus-sasl2, a library implementing the Simple\nAuthentication and Security Layer, does not properly handle certain\ninvalid password salts. A remote attacker can take advantage of this\nflaw to cause a denial of service.", "edition": 21, "published": "2015-09-28T00:00:00", "title": "Debian DSA-3368-1 : cyrus-sasl2 - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4122"], "modified": "2015-09-28T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:cyrus-sasl2"], "id": "DEBIAN_DSA-3368.NASL", "href": "https://www.tenable.com/plugins/nessus/86157", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3368. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86157);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4122\");\n script_xref(name:\"DSA\", value:\"3368\");\n\n script_name(english:\"Debian DSA-3368-1 : cyrus-sasl2 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that cyrus-sasl2, a library implementing the Simple\nAuthentication and Security Layer, does not properly handle certain\ninvalid password salts. A remote attacker can take advantage of this\nflaw to cause a denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784112\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/cyrus-sasl2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3368\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the cyrus-sasl2 packages.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2.1.26.dfsg1-13+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cyrus-sasl2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"cyrus-sasl2-dbg\", reference:\"2.1.26.dfsg1-13+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cyrus-sasl2-doc\", reference:\"2.1.26.dfsg1-13+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cyrus-sasl2-heimdal-dbg\", reference:\"2.1.26.dfsg1-13+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cyrus-sasl2-mit-dbg\", reference:\"2.1.26.dfsg1-13+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsasl2-2\", reference:\"2.1.26.dfsg1-13+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsasl2-dev\", reference:\"2.1.26.dfsg1-13+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsasl2-modules\", reference:\"2.1.26.dfsg1-13+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsasl2-modules-db\", reference:\"2.1.26.dfsg1-13+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsasl2-modules-gssapi-heimdal\", reference:\"2.1.26.dfsg1-13+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsasl2-modules-gssapi-mit\", reference:\"2.1.26.dfsg1-13+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsasl2-modules-ldap\", reference:\"2.1.26.dfsg1-13+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsasl2-modules-otp\", reference:\"2.1.26.dfsg1-13+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libsasl2-modules-sql\", reference:\"2.1.26.dfsg1-13+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sasl2-bin\", reference:\"2.1.26.dfsg1-13+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T06:40:02", "description": "It was discovered that Cyrus SASL incorrectly handled certain invalid\npassword salts. An attacker could use this issue to cause Cyrus SASL\nto crash, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2013-10-10T00:00:00", "title": "Ubuntu 13.04 : cyrus-sasl2 vulnerability (USN-1988-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4122"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:13.04", "p-cpe:/a:canonical:ubuntu_linux:libsasl2-2"], "id": "UBUNTU_USN-1988-1.NASL", "href": "https://www.tenable.com/plugins/nessus/70367", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1988-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70367);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2013-4122\");\n script_bugtraq_id(61164);\n script_xref(name:\"USN\", value:\"1988-1\");\n\n script_name(english:\"Ubuntu 13.04 : cyrus-sasl2 vulnerability (USN-1988-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Cyrus SASL incorrectly handled certain invalid\npassword salts. An attacker could use this issue to cause Cyrus SASL\nto crash, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1988-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libsasl2-2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsasl2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(13\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 13.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"13.04\", pkgname:\"libsasl2-2\", pkgver:\"2.1.25.dfsg1-6ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsasl2-2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T01:18:48", "description": "Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a\nNULL value is returned upon an error by the crypt function as\nimplemented in glibc 2.17 and later, which allows remote attackers to\ncause a denial of service (thread crash and consumption) via (1) an\ninvalid salt or, when FIPS-140 is enabled, a (2) DES or (3) MD5\nencrypted password, which triggers a NULL pointer dereference.", "edition": 23, "published": "2014-10-12T00:00:00", "title": "Amazon Linux AMI : cyrus-sasl (ALAS-2014-338)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4122"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:cyrus-sasl-debuginfo", "p-cpe:/a:amazon:linux:cyrus-sasl-lib", "p-cpe:/a:amazon:linux:cyrus-sasl-plain", "p-cpe:/a:amazon:linux:cyrus-sasl-gssapi", "p-cpe:/a:amazon:linux:cyrus-sasl", "p-cpe:/a:amazon:linux:cyrus-sasl-ldap", "p-cpe:/a:amazon:linux:cyrus-sasl-devel", "p-cpe:/a:amazon:linux:cyrus-sasl-ntlm", "p-cpe:/a:amazon:linux:cyrus-sasl-sql", "cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:cyrus-sasl-md5"], "id": "ALA_ALAS-2014-338.NASL", "href": "https://www.tenable.com/plugins/nessus/78281", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-338.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78281);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2013-4122\");\n script_xref(name:\"ALAS\", value:\"2014-338\");\n\n script_name(english:\"Amazon Linux AMI : cyrus-sasl (ALAS-2014-338)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a\nNULL value is returned upon an error by the crypt function as\nimplemented in glibc 2.17 and later, which allows remote attackers to\ncause a denial of service (thread crash and consumption) via (1) an\ninvalid salt or, when FIPS-140 is enabled, a (2) DES or (3) MD5\nencrypted password, which triggers a NULL pointer dereference.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-338.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update cyrus-sasl' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:cyrus-sasl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:cyrus-sasl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:cyrus-sasl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:cyrus-sasl-gssapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:cyrus-sasl-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:cyrus-sasl-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:cyrus-sasl-md5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:cyrus-sasl-ntlm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:cyrus-sasl-plain\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:cyrus-sasl-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"cyrus-sasl-2.1.23-13.14.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"cyrus-sasl-debuginfo-2.1.23-13.14.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"cyrus-sasl-devel-2.1.23-13.14.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"cyrus-sasl-gssapi-2.1.23-13.14.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"cyrus-sasl-ldap-2.1.23-13.14.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"cyrus-sasl-lib-2.1.23-13.14.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"cyrus-sasl-md5-2.1.23-13.14.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"cyrus-sasl-ntlm-2.1.23-13.14.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"cyrus-sasl-plain-2.1.23-13.14.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"cyrus-sasl-sql-2.1.23-13.14.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cyrus-sasl / cyrus-sasl-debuginfo / cyrus-sasl-devel / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-20T15:29:06", "description": "It was discovered that Cyrus SASL incorrectly handled certain invalid\npassword salts. An attacker could use this issue to cause Cyrus SASL\nto crash, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 22, "published": "2015-10-01T00:00:00", "title": "Ubuntu 15.04 : cyrus-sasl2 vulnerability (USN-2755-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-4122"], "modified": "2015-10-01T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:15.04", "p-cpe:/a:canonical:ubuntu_linux:libsasl2-2"], "id": "UBUNTU_USN-2755-1.NASL", "href": "https://www.tenable.com/plugins/nessus/86219", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2755-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86219);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-4122\");\n script_xref(name:\"USN\", value:\"2755-1\");\n\n script_name(english:\"Ubuntu 15.04 : cyrus-sasl2 vulnerability (USN-2755-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Cyrus SASL incorrectly handled certain invalid\npassword salts. An attacker could use this issue to cause Cyrus SASL\nto crash, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2755-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libsasl2-2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libsasl2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/10/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(15\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.04\", pkgname:\"libsasl2-2\", pkgver:\"2.1.26.dfsg1-13ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsasl2-2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}]}