2.6
CVE-2006-1721
- EPSS 2.43%
- Veröffentlicht 11.04.2006 23:02:00
- Zuletzt bearbeitet 16.06.2026 22:23:30
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions before 2.1.21, allows remote unauthenticated attackers to cause a denial of service (segmentation fault) via malformed inputs in DIGEST-MD5 negotiation.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.43% | 0.821 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.6 | 4.9 | 2.9 |
AV:N/AC:H/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc
http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-sasl&msg=7775
http://labs.musecurity.com/advisories/MU-200604-01.txt
http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html
http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044992.html
http://secunia.com/advisories/19618
http://secunia.com/advisories/19753
http://secunia.com/advisories/19809
http://secunia.com/advisories/19825
http://secunia.com/advisories/19964
http://secunia.com/advisories/20014
http://secunia.com/advisories/22187
http://secunia.com/advisories/26708
http://secunia.com/advisories/26857
http://secunia.com/advisories/27237
http://secunia.com/advisories/30535
http://securitytracker.com/id?1016960
http://support.avaya.com/elmodocs2/security/ASA-2007-426.htm
http://www.debian.org/security/2006/dsa-1042
http://www.gentoo.org/security/en/glsa/glsa-200604-09.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:073
http://www.novell.com/linux/security/advisories/2006_05_05.html
http://www.redhat.com/support/errata/RHSA-2007-0795.html
http://www.redhat.com/support/errata/RHSA-2007-0878.html
http://www.securityfocus.com/archive/1/493080/100/0/threaded
http://www.securityfocus.com/bid/17446
http://www.trustix.org/errata/2006/0024
http://www.vmware.com/security/advisories/VMSA-2008-0009.html
http://www.vupen.com/english/advisories/2006/1306
http://www.vupen.com/english/advisories/2006/3852
http://www.vupen.com/english/advisories/2008/1744
https://exchange.xforce.ibmcloud.com/vulnerabilities/25738
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9861
https://usn.ubuntu.com/272-1/