Debian Security Advisory DSA 568-1 - A vulnerability has been discovered in the Cyrus implementation of the SASL library, the Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols. The library honors the environment variable SASL_PATH blindly, which allows a local user to link against a malicious library to run arbitrary code with the privileges of a setuid or setgid application.
94dfb416a2d838aac6036c6e0afd7a491195e67628c775de9243c1d4b0f6e946Gentoo Linux Security Advisory GLSA 200410-05 - Cyrus-SASL contains two vulnerabilities that might allow an attacker to completely compromise the vulnerable system.
5ba337b1e28e743843f56389236966ffc54ed2ace62f30a576b2a31086385623
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed