Family: Debian Local Security Checks --> Category: infos
[DSA1042] DSA-1042-1 cyrus-sasl2 Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
The Mu Security research team discovered a denial of service condition
in the Simple Authentication and Security Layer authentication library
(SASL) during DIGEST-MD5 negotiation. This potentially affects
multiple products that use SASL DIGEST-MD5 authentication including
OpenLDAP, Sendmail, Postfix, etc.
The old stable distribution (woody) is not affected by this problem.
For the stable distribution (sarge) this problem has been fixed in
For the unstable distribution (sid) this problem has been fixed in
We recommend that you upgrade your cyrus-sasl2 packages.
Solution : http://www.debian.org/security/2006/dsa-1042
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.