Any info on CVE-2006-1721 ?
Alexey Melnikov
alexey.melnikov at isode.com
Tue Oct 3 12:52:01 EDT 2006
Biswatosh wrote:
>Hi,
>
>Sorry, for repeating the mail. The earlier mail had a
>wrong subject. It might be misleading or not tempting
>enough for reading.
>
>The content is repeated below:
>
>Any info on CVE-2006-1721 (titled Cyrus SASL Remote
>Digest-MD5 Denial of Service Vulnerability) ?
>See:
>http://www.securityfocus.com/bid/17446/info
>
>As I see, the current version has the problem fixed.
>I am interested in knowing :
>
>1)The Bug Id, by which can see about the Bug.
>
>
There is no bug in Bugzilla for this. Maybe one should be created.
>2)If Bug Id is not there, any idea, what was the exact
>problem in digestmd5.c and how was it solved?
>
>
cvs diff -u -r 1.173 -r 1.175 plugins/digestmd5.c
>3)It looks this problem was in version 2.1.18. Which
>version fixed it?
>
>
2.1.21
More information about the Cyrus-sasl
mailing list