Cyrus SASL vulnerability

2020-01-2800:00:00

ubuntu.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8.4 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.007 Low

EPSS

Percentile

79.3%

JSON

Releases

Ubuntu 19.10
Ubuntu 18.04 ESM
Ubuntu 16.04 ESM
Ubuntu 14.04 ESM
Ubuntu 12.04

Packages

cyrus-sasl2 - Cyrus Simple Authentication and Security Layer

Details

It was discovered that Cyrus SASL incorrectly handled certain LDAP packets.
An attacker could possibly use this issue to execute arbitrary code or cause
a denial of service.

OSVersionArchitecturePackageVersionFilename
Ubuntu19.10noarchlibsasl2-2< 2.1.27+dfsg-1ubuntu0.1UNKNOWN
Ubuntu19.10noarchcyrus-sasl2-doc< 2.1.27+dfsg-1ubuntu0.1UNKNOWN
Ubuntu19.10noarchlibsasl2-2-dbgsym< 2.1.27+dfsg-1ubuntu0.1UNKNOWN
Ubuntu19.10noarchlibsasl2-dev< 2.1.27+dfsg-1ubuntu0.1UNKNOWN
Ubuntu19.10noarchlibsasl2-modules< 2.1.27+dfsg-1ubuntu0.1UNKNOWN
Ubuntu19.10noarchlibsasl2-modules-db< 2.1.27+dfsg-1ubuntu0.1UNKNOWN
Ubuntu19.10noarchlibsasl2-modules-db-dbgsym< 2.1.27+dfsg-1ubuntu0.1UNKNOWN
Ubuntu19.10noarchlibsasl2-modules-dbgsym< 2.1.27+dfsg-1ubuntu0.1UNKNOWN
Ubuntu19.10noarchlibsasl2-modules-gssapi-heimdal< 2.1.27+dfsg-1ubuntu0.1UNKNOWN
Ubuntu19.10noarchlibsasl2-modules-gssapi-heimdal-dbgsym< 2.1.27+dfsg-1ubuntu0.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	19.10	noarch	libsasl2-2	< 2.1.27+dfsg-1ubuntu0.1	UNKNOWN
Ubuntu	19.10	noarch	cyrus-sasl2-doc	< 2.1.27+dfsg-1ubuntu0.1	UNKNOWN
Ubuntu	19.10	noarch	libsasl2-2-dbgsym	< 2.1.27+dfsg-1ubuntu0.1	UNKNOWN
Ubuntu	19.10	noarch	libsasl2-dev	< 2.1.27+dfsg-1ubuntu0.1	UNKNOWN
Ubuntu	19.10	noarch	libsasl2-modules	< 2.1.27+dfsg-1ubuntu0.1	UNKNOWN
Ubuntu	19.10	noarch	libsasl2-modules-db	< 2.1.27+dfsg-1ubuntu0.1	UNKNOWN
Ubuntu	19.10	noarch	libsasl2-modules-db-dbgsym	< 2.1.27+dfsg-1ubuntu0.1	UNKNOWN
Ubuntu	19.10	noarch	libsasl2-modules-dbgsym	< 2.1.27+dfsg-1ubuntu0.1	UNKNOWN
Ubuntu	19.10	noarch	libsasl2-modules-gssapi-heimdal	< 2.1.27+dfsg-1ubuntu0.1	UNKNOWN
Ubuntu	19.10	noarch	libsasl2-modules-gssapi-heimdal-dbgsym	< 2.1.27+dfsg-1ubuntu0.1	UNKNOWN