Vulnerability Description
digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions before 2.1.21, allows remote unauthenticated attackers to cause a denial of service (segmentation fault) via malformed inputs in DIGEST-MD5 negotiation.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cyrus | Sasl | 2.1.18 |
Related Weaknesses (CWE)
References
- ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc
- http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-sasl&msg=7775
- http://labs.musecurity.com/advisories/MU-200604-01.txtPatch
- http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044992.html
- http://secunia.com/advisories/19618PatchVendor Advisory
- http://secunia.com/advisories/19753Vendor Advisory
- http://secunia.com/advisories/19809Vendor Advisory
- http://secunia.com/advisories/19825Vendor Advisory
- http://secunia.com/advisories/19964Vendor Advisory
- http://secunia.com/advisories/20014Vendor Advisory
- http://secunia.com/advisories/22187Vendor Advisory
- http://secunia.com/advisories/26708Vendor Advisory
- http://secunia.com/advisories/26857Vendor Advisory
- http://secunia.com/advisories/27237Vendor Advisory
FAQ
What is CVE-2006-1721?
CVE-2006-1721 is a vulnerability with a CVSS score of 2.6 (LOW). digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions before 2.1.21, allows remote unauthenticated attackers to cause a denial of ser...
How severe is CVE-2006-1721?
CVE-2006-1721 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-1721?
Check the references section above for vendor advisories and patch information. Affected products include: Cyrus Sasl.