• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Cyrus SASL Remote Digest-MD5 Denial of Service Vulnerability

Cyrus SASL is affected by a remote denial-of-service vulnerability. This issue occurs before successful authentication, allowing anonymous remote attackers to trigger it.

This vulnerability allows remote attackers to crash services using the affected SASL library, denying service to legitimate users.

This issue reportedly affects Cyrus SASL 2.1.18; other versions may also be affected.