vulnerability
SUSE: CVE-2019-19906: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Dec 19, 2019 | Dec 18, 2020 | Feb 4, 2022 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Dec 19, 2019
Added
Dec 18, 2020
Modified
Feb 4, 2022
Description
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.
Solution(s)
suse-upgrade-cyrus-saslsuse-upgrade-cyrus-sasl-32bitsuse-upgrade-cyrus-sasl-bdbsuse-upgrade-cyrus-sasl-bdb-develsuse-upgrade-cyrus-sasl-bdb-digestmd5suse-upgrade-cyrus-sasl-bdb-gs2suse-upgrade-cyrus-sasl-bdb-gssapisuse-upgrade-cyrus-sasl-bdb-ntlmsuse-upgrade-cyrus-sasl-bdb-otpsuse-upgrade-cyrus-sasl-bdb-plainsuse-upgrade-cyrus-sasl-bdb-scramsuse-upgrade-cyrus-sasl-crammd5suse-upgrade-cyrus-sasl-crammd5-32bitsuse-upgrade-cyrus-sasl-develsuse-upgrade-cyrus-sasl-digestmd5suse-upgrade-cyrus-sasl-digestmd5-32bitsuse-upgrade-cyrus-sasl-gssapisuse-upgrade-cyrus-sasl-gssapi-32bitsuse-upgrade-cyrus-sasl-openssl1suse-upgrade-cyrus-sasl-openssl1-32bitsuse-upgrade-cyrus-sasl-openssl1-crammd5suse-upgrade-cyrus-sasl-openssl1-crammd5-32bitsuse-upgrade-cyrus-sasl-openssl1-crammd5-x86suse-upgrade-cyrus-sasl-openssl1-digestmd5suse-upgrade-cyrus-sasl-openssl1-digestmd5-32bitsuse-upgrade-cyrus-sasl-openssl1-digestmd5-x86suse-upgrade-cyrus-sasl-openssl1-gssapisuse-upgrade-cyrus-sasl-openssl1-gssapi-32bitsuse-upgrade-cyrus-sasl-openssl1-gssapi-x86suse-upgrade-cyrus-sasl-openssl1-ntlmsuse-upgrade-cyrus-sasl-openssl1-otpsuse-upgrade-cyrus-sasl-openssl1-otp-32bitsuse-upgrade-cyrus-sasl-openssl1-otp-x86suse-upgrade-cyrus-sasl-openssl1-plainsuse-upgrade-cyrus-sasl-openssl1-plain-32bitsuse-upgrade-cyrus-sasl-openssl1-plain-x86suse-upgrade-cyrus-sasl-openssl1-x86suse-upgrade-cyrus-sasl-otpsuse-upgrade-cyrus-sasl-otp-32bitsuse-upgrade-cyrus-sasl-plainsuse-upgrade-cyrus-sasl-plain-32bitsuse-upgrade-cyrus-sasl-saslauthdsuse-upgrade-cyrus-sasl-saslauthd-bdbsuse-upgrade-cyrus-sasl-sqlauxpropsuse-upgrade-cyrus-sasl-sqlauxprop-32bitsuse-upgrade-cyrus-sasl-sqlauxprop-bdbsuse-upgrade-libsasl2-3suse-upgrade-libsasl2-3-32bit
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.