2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:N/A:P
0.073 Low
EPSS
Percentile
94.1%
digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions before 2.1.21, allows remote unauthenticated attackers to cause a denial of service (segmentation fault) via malformed inputs in DIGEST-MD5 negotiation.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | cyrus-sasl2 | < 2.1.19.dfsg1-0.2 | cyrus-sasl2_2.1.19.dfsg1-0.2_all.deb |
Debian | 11 | all | cyrus-sasl2 | < 2.1.19.dfsg1-0.2 | cyrus-sasl2_2.1.19.dfsg1-0.2_all.deb |
Debian | 999 | all | cyrus-sasl2 | < 2.1.19.dfsg1-0.2 | cyrus-sasl2_2.1.19.dfsg1-0.2_all.deb |
Debian | 13 | all | cyrus-sasl2 | < 2.1.19.dfsg1-0.2 | cyrus-sasl2_2.1.19.dfsg1-0.2_all.deb |