security advisory regarding cyrus-sasl?

Marcus Meissner meissner at suse.de
Wed Apr 12 15:02:49 EDT 2006


On Wed, Apr 12, 2006 at 08:41:09PM +0200, Marcel Holtmann wrote:
> Hi Alexey,
> 
> > >We saw this advisory for cyrus-sasl, but can't see the problem
> > >or the real issue.
> > >
> > >http://labs.musecurity.com/advisories/MU-200604-01.txt
> > >
> > >Is this issue for real?
> > >  
> > >
> > Yes, certain malformed input can cause segfault in the server side 
> > DIGEST-MD5 plugin.
> > DIGEST-MD5 client side might be affected as well.
> 
> the advisory speaks about cyrus-sasl-2.1.18 and is really vague. Can you
> tell us when it got fixed and point to an actual patch in the CVS. I
> assume that this issue has already been fixed in version 2.1.20, but
> also I might be wrong with this assumption.

I found this one:

https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170&r2=1.171

a heap buffer overflow?

Ciao, Marcus


More information about the Cyrus-sasl mailing list