Rapid7 Vulnerability & Exploit Database

RHSA-2000:094: Updated cyrus-sasl packages available for Red Hat Linux 7

Back to Search

RHSA-2000:094: Updated cyrus-sasl packages available for Red Hat Linux 7

Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
12/19/2000
Created
07/25/2018
Added
10/28/2005
Modified
07/04/2017

Description

Updated cyrus-sasl packages are now available for Red Hat Linux 7.

An error existed in the authorization checks in the version of cyrus-sasl shipped with Red Hat Linux 7. Due to this bug, users who had been successfully authenticated could be allowed access to resources even if the system had been configured to deny these users access. Versions of cyrus-sasl included in previous releases of Red Hat Power Tools did not implement this function and are not affected by this bug.

Solution(s)

  • redhat-upgrade-cyrus-sasl

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;