Any info on CVE-2006-1721 ?
Biswatosh
biswatosh2001 at yahoo.com
Tue Oct 3 13:30:14 EDT 2006
Thanks Alexei.
Cud u or anybody else point out the CMU SASL page
where I can get info about what to set CVSROOT to and
etc?
Must I become a member of sasl-cvs? And,then what?
Or,to cut it short, please just tell me the lines
changed in digestmd5.c for that bug.
Thanks
Biswatosh
--- Alexey Melnikov <alexey.melnikov at isode.com> wrote:
> Biswatosh wrote:
>
> >Hi,
> >
> >Sorry, for repeating the mail. The earlier mail had
> a
> >wrong subject. It might be misleading or not
> tempting
> >enough for reading.
> >
> >The content is repeated below:
> >
> >Any info on CVE-2006-1721 (titled Cyrus SASL
> Remote
> >Digest-MD5 Denial of Service Vulnerability) ?
> >See:
> >http://www.securityfocus.com/bid/17446/info
> >
> >As I see, the current version has the problem
> fixed.
> >I am interested in knowing :
> >
> >1)The Bug Id, by which can see about the Bug.
> >
> >
> There is no bug in Bugzilla for this. Maybe one
> should be created.
>
> >2)If Bug Id is not there, any idea, what was the
> exact
> >problem in digestmd5.c and how was it solved?
> >
> >
> cvs diff -u -r 1.173 -r 1.175 plugins/digestmd5.c
>
> >3)It looks this problem was in version 2.1.18.
> Which
> >version fixed it?
> >
> >
> 2.1.21
>
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the Cyrus-sasl
mailing list