Any info on CVE-2006-1721 ?

Biswatosh biswatosh2001 at yahoo.com
Tue Oct 3 13:30:14 EDT 2006


Thanks Alexei.

Cud u or anybody else point out the CMU SASL page
where I can get info about what to set CVSROOT to and
etc?
Must I become a member of sasl-cvs? And,then what?

Or,to cut it short, please just tell me the lines
changed in digestmd5.c for that bug.
 
Thanks
Biswatosh
--- Alexey Melnikov <alexey.melnikov at isode.com> wrote:

> Biswatosh wrote:
> 
> >Hi, 
> >
> >Sorry, for repeating the mail. The earlier mail had
> a
> >wrong subject. It might be misleading or not
> tempting
> >enough for reading.
> >
> >The content is repeated below:
> >
> >Any info on  CVE-2006-1721 (titled  Cyrus SASL
> Remote
> >Digest-MD5 Denial of Service Vulnerability) ?
> >See:
> >http://www.securityfocus.com/bid/17446/info 
> >
> >As I see, the current version has the problem
> fixed.
> >I am interested in knowing :
> >
> >1)The Bug Id, by which can see about the Bug.
> >  
> >
> There is no bug in Bugzilla for this. Maybe one
> should be created.
> 
> >2)If Bug Id is not there, any idea, what was the
> exact
> >problem in digestmd5.c and how was it solved?
> >  
> >
> cvs diff -u -r 1.173 -r 1.175 plugins/digestmd5.c
> 
> >3)It looks this problem was in version 2.1.18.
> Which
> >version fixed it?
> >  
> >
> 2.1.21
> 
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 


More information about the Cyrus-sasl mailing list