Any info on CVE-2006-1721 ?
alexey.melnikov at isode.com
Tue Oct 3 12:52:01 EDT 2006
>Sorry, for repeating the mail. The earlier mail had a
>wrong subject. It might be misleading or not tempting
>enough for reading.
>The content is repeated below:
>Any info on CVE-2006-1721 (titled Cyrus SASL Remote
>Digest-MD5 Denial of Service Vulnerability) ?
>As I see, the current version has the problem fixed.
>I am interested in knowing :
>1)The Bug Id, by which can see about the Bug.
There is no bug in Bugzilla for this. Maybe one should be created.
>2)If Bug Id is not there, any idea, what was the exact
>problem in digestmd5.c and how was it solved?
cvs diff -u -r 1.173 -r 1.175 plugins/digestmd5.c
>3)It looks this problem was in version 2.1.18. Which
>version fixed it?
More information about the Cyrus-sasl