[3.1] cyrus-sasl: NULL pointer dereference (DoS) when glibc v.2.17 or FIPS-140 enabled Linux system used(CVE-2013-4122)
Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a
NULL value
is returned upon an error by the crypt function as implemented in glibc
2.17 and later,
which allows remote attackers to cause a denial of service (thread crash
and consumption) via (1) an invalid salt or,
when FIPS-140 is enabled, a (2) DES or (3) MD5 encrypted password,
which triggers a NULL pointer dereference.
References
https://security-tracker.debian.org/tracker/CVE-2013-4122
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4122
http://openwall.com/lists/oss-security/2013/07/12/3
http://www.ubuntu.com/usn/usn-1988-1
patch
http://git.cyrusimap.org/cyrus-sasl/commit/?id=dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d
(from redmine: issue id 4698, created on 2015-09-30, closed on 2015-12-10)
- Relations:
- parent #4695 (closed)
- Changesets:
- Revision 7c1c98ce on 2015-12-04T09:27:08Z:
main/cyrus-sasl: security fix for CVE-2013-4122. Fixes #4698