You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Note:Versions mentioned in the description apply only to the upstream cyrus-sasl2 package and not the cyrus-sasl2 package as distributed by Debian. See How to fix? for Debian:8 relevant fixed versions and status.
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.
Remediation
Upgrade Debian:8cyrus-sasl2 to version 2.1.26.dfsg1-13+deb8u2 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream
cyrus-sasl2package and not thecyrus-sasl2package as distributed byDebian.See
How to fix?forDebian:8relevant fixed versions and status.cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.
Remediation
Upgrade
Debian:8cyrus-sasl2to version 2.1.26.dfsg1-13+deb8u2 or higher.References
The text was updated successfully, but these errors were encountered: