Vulnerability Description
The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASL_PATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary code by modifying the SASL_PATH to point to malicious programs.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cyrus | Sasl | 1.5.24 |
| Conectiva | Linux | 9.0 |
References
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=134657
- http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html
- http://marc.info/?l=bugtraq&m=110693126007214&w=2
- http://rhn.redhat.com/errata/RHSA-2004-546.html
- http://www.ciac.org/ciac/bulletins/p-003.shtml
- http://www.debian.org/security/2004/dsa-563 (Patch, Vendor Advisory)
- http://www.debian.org/security/2004/dsa-568
- http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:106
- http://www.securityfocus.com/bid/11347 (Patch, Vendor Advisory)
- http://www.trustix.net/errata/2004/0053/
- https://bugzilla.fedora.us/show_bug.cgi?id=2137
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17643
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2004-0884?
CVE-2004-0884 is a vulnerability with a CVSS score of 7.2 (HIGH). The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASL_PATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary ...
How severe is CVE-2004-0884?
CVE-2004-0884 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2004-0884?
Check the references section above for vendor advisories and patch information. Affected products include: Cyrus Sasl, Conectiva Linux.