An issue was discovered in Mellium mellium.im/sasl before 0.3.1. When performing SCRAM-based SASL authentication, if the remote end advertises support for channel binding, no random nonce is generated (instead, the nonce is empty). This causes authentication to fail in the best case, but (if...
9.8CVSS
9.4AI Score
0.002EPSS
SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the...
8.5AI Score
0.002EPSS
GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API...
8.1CVSS
7.7AI Score
0.002EPSS
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE...
8.8CVSS
9.1AI Score
0.003EPSS
A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local attackers to escalate to root. This issue affects: openSUSE Factory cyrus-sasl version 2.1.27-4.2 and prior...
7CVSS
6.7AI Score
0.0004EPSS
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in...
7.5CVSS
7.5AI Score
0.005EPSS
Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and consumption) via (1) an invalid salt or, when...
6.4AI Score
0.008EPSS
Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in...
9.6AI Score
0.407EPSS
digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions before 2.1.21, allows remote unauthenticated attackers to cause a denial of service (segmentation fault) via malformed inputs in DIGEST-MD5...
9.2AI Score
0.073EPSS
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary...
7.4AI Score
0.035EPSS
The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASL_PATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary code by modifying the SASL_PATH to point to malicious...
9.1AI Score
0.0005EPSS
Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3)....
9.8CVSS
9.9AI Score
0.131EPSS
cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access...
6.7AI Score
0.0004EPSS