security advisory regarding cyrus-sasl?

Alexey Melnikov alexey.melnikov at isode.com
Wed Apr 12 13:07:58 EDT 2006


Marcus Meissner wrote:

>Hi folks,
>
>We saw this advisory for cyrus-sasl, but can't see the problem
>or the real issue.
>
>http://labs.musecurity.com/advisories/MU-200604-01.txt
>
>Is this issue for real?
>  
>
Yes, certain malformed input can cause segfault in the server side 
DIGEST-MD5 plugin.
DIGEST-MD5 client side might be affected as well.



More information about the Cyrus-sasl mailing list