Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2005:054: cyrus-sasl Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the cyrus-sasl package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2005:054 (cyrus-sasl).
A buffer overflow was discovered in cyrus-sasl's digestmd5 code. This could
lead to a remote attacker executing code in the context of the service using
SASL authentication. This vulnerability was fixed upstream in version 2.1.19.
The updated packages are patched to deal with this issue.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:054
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.