Family: Red Hat Local Security Checks --> Category: infos
RHSA-2004-546: cyrus Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the cyrus packages
Detailed Explanation for this Vulnerability Test
Updated cyrus-sasl packages that fix a setuid and setgid application
vulnerability are now available.
[Updated 7th October 2004]
Revised cryus-sasl packages have been added for Red Hat Enterprise Linux 3
the patch in the previous packages broke interaction with ldap.
The cyrus-sasl package contains the Cyrus implementation of SASL. SASL is
the Simple Authentication and Security Layer, a method for adding
authentication support to connection-based protocols.
At application startup, libsasl and libsasl2 attempts to build a list
of all available SASL plug-ins which are available on the system. To do
so, the libraries search for and attempt to load every shared library found
within the plug-in directory. This location can be set with the SASL_PATH
In situations where an untrusted local user can affect the environment of a
privileged process, this behavior could be exploited to run arbitrary code
with the rights of a setuid or setgid application. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CVE-2004-0884 to this issue.
Users of cyrus-sasl should upgrade to these updated packages, which contain
backported patches and are not vulnerable to this issue.
Solution : http://rhn.redhat.com/errata/RHSA-2004-546.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.