security advisory regarding cyrus-sasl?
Alexey Melnikov
alexey.melnikov at isode.com
Wed Apr 12 13:07:58 EDT 2006
Marcus Meissner wrote:
>Hi folks,
>
>We saw this advisory for cyrus-sasl, but can't see the problem
>or the real issue.
>
>http://labs.musecurity.com/advisories/MU-200604-01.txt
>
>Is this issue for real?
>
>
Yes, certain malformed input can cause segfault in the server side
DIGEST-MD5 plugin.
DIGEST-MD5 client side might be affected as well.
More information about the Cyrus-sasl
mailing list