CVE-2017-6384

2017-03-0206:59:00

Google

osv.dev

6.8 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.7%

JSON

Memory leak in the login_user function in saslserv/main.c in saslserv/main.so in Atheme 7.2.7 allows a remote unauthenticated attacker to consume memory and cause a denial of service. This is fixed in 7.2.8.

CPENameOperatorVersion
athemeeqatheme-services-7.0.0-alpha8
athemeeqatheme-services-4.0.0
athemeeqatheme-7.2.0-beta1
athemeeqatheme-services-3.0.2
athemeeqatheme-services-6.0.0-beta3
athemeeqatheme-7.2.0-rc1
athemeeqatheme-7.2.0-beta2
athemeeqatheme-services-5.0.1
athemeeqatheme-services-5.2.0
athemeeqatheme-services-5.1-rc1

Name	Operator	Version
atheme	eq	atheme-services-7.0.0-alpha8
atheme	eq	atheme-services-4.0.0
atheme	eq	atheme-7.2.0-beta1
atheme	eq	atheme-services-3.0.2
atheme	eq	atheme-services-6.0.0-beta3
atheme	eq	atheme-7.2.0-rc1
atheme	eq	atheme-7.2.0-beta2
atheme	eq	atheme-services-5.0.1
atheme	eq	atheme-services-5.2.0
atheme	eq	atheme-services-5.1-rc1