Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0373

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-0373
Last Modified 10 Sep 2008 03:35:27
Published 07 Oct 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0373

Summary

Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.

Vulnerable Systems

Operating System

  • Apple Mac Os X 10.0

  • Apple Mac Os X 10.0.1

  • Apple Mac Os X 10.0.2

  • Apple Mac Os X 10.0.3

  • Apple Mac Os X 10.0.4

  • Apple Mac Os X 10.1

  • Apple Mac Os X 10.1.1

  • Apple Mac Os X 10.1.2

  • Apple Mac Os X 10.1.3

  • Apple Mac Os X 10.1.4

  • Apple Mac Os X 10.1.5

  • Apple Mac Os X 10.2

  • Apple Mac Os X 10.2.1

  • Apple Mac Os X 10.2.2

  • Apple Mac Os X 10.2.3

  • Apple Mac Os X 10.2.4

  • Apple Mac Os X 10.2.5

  • Apple Mac Os X 10.2.6

  • Apple Mac Os X 10.2.7

  • Apple Mac Os X 10.2.8

  • Apple Mac Os X 10.3

  • Apple Mac Os X 10.3.1

  • Apple Mac Os X 10.3.2

  • Apple Mac Os X 10.3.3

  • Apple Mac Os X 10.3.4

  • Apple Mac Os X 10.3.5

  • Apple Mac Os X 10.3.6

  • Apple Mac Os X 10.3.7

  • Apple Mac Os X 10.3.8

  • Apple Mac Os X Server 10.0

  • Apple Mac Os X Server 10.1

  • Apple Mac Os X Server 10.1.1

  • Apple Mac Os X Server 10.1.2

  • Apple Mac Os X Server 10.1.3

  • Apple Mac Os X Server 10.1.4

  • Apple Mac Os X Server 10.1.5

  • Apple Mac Os X Server 10.2

  • Apple Mac Os X Server 10.2.1

  • Apple Mac Os X Server 10.2.2

  • Apple Mac Os X Server 10.2.3

  • Apple Mac Os X Server 10.2.4

  • Apple Mac Os X Server 10.2.5

  • Apple Mac Os X Server 10.2.6

  • Apple Mac Os X Server 10.2.7

  • Apple Mac Os X Server 10.2.8

  • Apple Mac Os X Server 10.3

  • Apple Mac Os X Server 10.3.1

  • Apple Mac Os X Server 10.3.2

  • Apple Mac Os X Server 10.3.3

  • Apple Mac Os X Server 10.3.4

  • Apple Mac Os X Server 10.3.5

  • Apple Mac Os X Server 10.3.6

  • Apple Mac Os X Server 10.3.7

  • Apple Mac Os X Server 10.3.8

  • Conectiva Linux 10.0

  • Conectiva Linux 9.0

  • Redhat Fedora Core Core 1.0

  • Suse Linux 1.0

  • Suse Linux 8.0

  • Suse Linux 8.1

  • Suse Linux 8.2

  • Suse Linux 9.0

  • Suse Linux 9.1

  • Suse Linux 9.2

Application

  • Cyrus Sasl 1.5.24

  • Cyrus Sasl 1.5.27

  • Cyrus Sasl 1.5.28

  • Cyrus Sasl 2.1.10

  • Cyrus Sasl 2.1.11

  • Cyrus Sasl 2.1.12

  • Cyrus Sasl 2.1.13

  • Cyrus Sasl 2.1.14

  • Cyrus Sasl 2.1.15

  • Cyrus Sasl 2.1.16

  • Cyrus Sasl 2.1.17

  • Cyrus Sasl 2.1.18

  • Cyrus Sasl 2.1.18 R1

  • Cyrus Sasl 2.1.9

  • Openpkg 2.1

  • Openpkg 2.2

  • Suse Cvsup 16.1h 36.i586


References

XF - cyrus-sasl-digestmda5-bo(17642)

BID - 11347

MLIST - [openbsd-ports] 20040717 UPDATE: cyrus-sasl-2.1.19

SUSE - SUSE-SR:2005:006

GENTOO - GLSA-200410-05

CONFIRM - https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171&content-type=text/x-cvsweb-markup

CONFIRM - https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170&r2=1.171

MANDRAKE - MDKSA-2005:054


Last Updated: 27 May 2016 10:39:46