Lucene search

[email protected]CVE-2005-0373

HistoryFeb 13, 2005 - 5:00 a.m.

CVE-2005-0373

2005-02-1305:00:00

[email protected]

web.nvd.nist.gov

cve-2005-0373

buffer overflow

digestmd5.c

cvs release 1.170

remote code execution

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.035 Low

EPSS

Percentile

91.5%

JSON

Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.

Affected configurations

NVD

Node

cyrussaslMatch1.5.24

cyrussaslMatch1.5.27

cyrussaslMatch1.5.28

cyrussaslMatch2.1.9

cyrussaslMatch2.1.10

cyrussaslMatch2.1.11

cyrussaslMatch2.1.12

cyrussaslMatch2.1.13

cyrussaslMatch2.1.14

cyrussaslMatch2.1.15

cyrussaslMatch2.1.16

cyrussaslMatch2.1.17

cyrussaslMatch2.1.18

cyrussaslMatch2.1.18_r1

openpkgopenpkgMatch2.1

openpkgopenpkgMatch2.2

susesuse_cvsupMatch16.1h_36.i586

conectivalinuxMatch9.0

conectivalinuxMatch10.0

Node

applemac_os_xMatch10.0

applemac_os_xMatch10.0.1

applemac_os_xMatch10.0.2

applemac_os_xMatch10.0.3

applemac_os_xMatch10.0.4

applemac_os_xMatch10.1

applemac_os_xMatch10.1.1

applemac_os_xMatch10.1.2

applemac_os_xMatch10.1.3

applemac_os_xMatch10.1.4

applemac_os_xMatch10.1.5

applemac_os_xMatch10.2

applemac_os_xMatch10.2.1

applemac_os_xMatch10.2.2

applemac_os_xMatch10.2.3

applemac_os_xMatch10.2.4

applemac_os_xMatch10.2.5

applemac_os_xMatch10.2.6

applemac_os_xMatch10.2.7

applemac_os_xMatch10.2.8

applemac_os_xMatch10.3

applemac_os_xMatch10.3.1

applemac_os_xMatch10.3.2

applemac_os_xMatch10.3.3

applemac_os_xMatch10.3.4

applemac_os_xMatch10.3.5

applemac_os_xMatch10.3.6

applemac_os_xMatch10.3.7

applemac_os_xMatch10.3.8

applemac_os_x_serverMatch10.0

applemac_os_x_serverMatch10.1

applemac_os_x_serverMatch10.1.1

applemac_os_x_serverMatch10.1.2

applemac_os_x_serverMatch10.1.3

applemac_os_x_serverMatch10.1.4

applemac_os_x_serverMatch10.1.5

applemac_os_x_serverMatch10.2

applemac_os_x_serverMatch10.2.1

applemac_os_x_serverMatch10.2.2

applemac_os_x_serverMatch10.2.3

applemac_os_x_serverMatch10.2.4

applemac_os_x_serverMatch10.2.5

applemac_os_x_serverMatch10.2.6

applemac_os_x_serverMatch10.2.7

applemac_os_x_serverMatch10.2.8

applemac_os_x_serverMatch10.3

applemac_os_x_serverMatch10.3.1

applemac_os_x_serverMatch10.3.2

applemac_os_x_serverMatch10.3.3

applemac_os_x_serverMatch10.3.4

applemac_os_x_serverMatch10.3.5

applemac_os_x_serverMatch10.3.6

applemac_os_x_serverMatch10.3.7

applemac_os_x_serverMatch10.3.8

redhatfedora_coreMatchcore_1.0

susesuse_linuxMatch1.0desktop

susesuse_linuxMatch8.0

susesuse_linuxMatch8.0i386

susesuse_linuxMatch8.1

susesuse_linuxMatch8.2

susesuse_linuxMatch9.0

susesuse_linuxMatch9.0enterprise_server

susesuse_linuxMatch9.0x86_64

susesuse_linuxMatch9.1

susesuse_linuxMatch9.1x86_64

susesuse_linuxMatch9.2

susesuse_linuxMatch9.2x86_64

CPENameOperatorVersion
cyrus:saslcyrus sasleq1.5.24
cyrus:saslcyrus sasleq1.5.27
cyrus:saslcyrus sasleq1.5.28
cyrus:saslcyrus sasleq2.1.9
cyrus:saslcyrus sasleq2.1.10
cyrus:saslcyrus sasleq2.1.11
cyrus:saslcyrus sasleq2.1.12
cyrus:saslcyrus sasleq2.1.13
cyrus:saslcyrus sasleq2.1.14
cyrus:saslcyrus sasleq2.1.15

CPE	Name	Operator	Version
cyrus:sasl	cyrus sasl	eq	1.5.24
cyrus:sasl	cyrus sasl	eq	1.5.27
cyrus:sasl	cyrus sasl	eq	1.5.28
cyrus:sasl	cyrus sasl	eq	2.1.9
cyrus:sasl	cyrus sasl	eq	2.1.10
cyrus:sasl	cyrus sasl	eq	2.1.11
cyrus:sasl	cyrus sasl	eq	2.1.12
cyrus:sasl	cyrus sasl	eq	2.1.13
cyrus:sasl	cyrus sasl	eq	2.1.14
cyrus:sasl	cyrus sasl	eq	2.1.15