Lucene search
K

13 matches found

F5 Networks
F5 Networks
added 2023/02/21 7:42 p.m.17 views

K14901: SASL vulnerability CVE-2013-4122

Security Advisory Description Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service thread crash and consumption via 1 an...

4.3CVSS6.7AI score0.03589EPSS
Exploits2Affected Software1
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for cyrus-sasl (EulerOS-SA-2019-1173)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.5AI score0.03589EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2015/10/01 12:0 a.m.31 views

Ubuntu 15.04 : cyrus-sasl2 vulnerability (USN-2755-1)

It was discovered that Cyrus SASL incorrectly handled certain invalid password salts. An attacker could use this issue to cause Cyrus SASL to crash, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security...

4.3CVSS5.4AI score0.03589EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.17 views

Gentoo Security Advisory GLSA 201309-01

Gentoo Linux Local Security Checks GLSA 201309-01 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

4.3CVSS5AI score0.03589EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2015/09/28 12:0 a.m.20 views

Debian DSA-3368-1 : cyrus-sasl2 - security update

It was discovered that cyrus-sasl2, a library implementing the Simple Authentication and Security Layer, does not properly handle certain invalid password salts. A remote attacker can take advantage of this flaw to cause a denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Th...

4.3CVSS5.4AI score0.03589EPSS
Exploits2References4
Debian
Debian
added 2015/09/25 4:34 p.m.15 views

[SECURITY] [DSA 3368-1] cyrus-sasl2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3368-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 25, 2015 https://www.debian.org/security/faq -...

4.3CVSS2.4AI score0.03589EPSS
Exploits2
OpenVAS
OpenVAS
added 2015/09/24 12:0 a.m.17 views

Debian: Security Advisory (DSA-3368-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.5AI score0.03589EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2014/10/12 12:0 a.m.36 views

Amazon Linux AMI : cyrus-sasl (ALAS-2014-338)

Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service thread crash and consumption via 1 an invalid salt or, when FIPS-140...

4.3CVSS5.4AI score0.03589EPSS
Exploits2References2
Amazon
Amazon
added 2014/05/13 12:0 a.m.36 views

Medium: cyrus-sasl

Issue Overview: Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service thread crash and consumption via 1 an invalid salt o...

4.3CVSS6.7AI score0.03589EPSS
Exploits2
seebug.org
seebug.org
added 2014/01/20 12:0 a.m.17 views

F5 ARX Series Cyrus SASL空指针引用漏洞

CVE ID:CVE-2013-4122 F5 ARX Series是F5公司开发的智能文件存储管理解决方案。 F5 ARX Series相关的ARX管理配置工具所使用的Cyrus SASL存在安全漏洞,允许远程攻击者利用漏洞提交特殊请求执行拒绝服务攻击。使用LDAP或者Kerberos进行用户验证的系统受此漏洞影响。 0 F5 ARX Series 6.x 目前没有详细解决方案提供: http://support.f5.com/kb/en-us/products/arx.html...

4.3CVSS0.9AI score0.03589EPSS
Exploits2
F5 Networks
F5 Networks
added 2014/01/14 12:0 a.m.26 views

SOL14901 - SASL vulnerability CVE-2013-4122

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

4.3CVSS3.4AI score0.03589EPSS
Exploits2References5
CVE
CVE
added 2013/10/27 12:0 a.m.106 views

CVE-2013-4122

CVE-2013-4122 affects Cyrus SASL 2.1.23, 2.1.26 and earlier. The root cause is incorrect handling of when a NULL value is returned on error by the crypt function in glibc 2.17+, enabling remote DoS via (1) invalid salt or (2) DES or (3) MD5 passwords when FIPS-140 is enabled, triggering a NULL po...

4.3CVSS6.4AI score0.03589EPSS
Exploits2References9Affected Software1
securityvulns
securityvulns
added 2013/10/12 12:0 a.m.61 views

[USN-1988-1] Cyrus SASL vulnerability

========================================================================== Ubuntu Security Notice USN-1988-1 October 09, 2013 cyrus-sasl2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...

4.3CVSS0.1AI score0.03589EPSS
Exploits2
Rows per page
Query Builder