CVE-2002-1347 in SASLinformazioni

Riassunto

di MITRE

Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Divulgazione

18/12/2002

Moderazione

accettato

Voce

VDB-19226

CPE

pronto

CWE

CWE-193 (confermato)

CVSS

7.3 (VulDB)

EPSS

0.07078

KEV

Attività

molto basso

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-1347
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-1347
CVE Details	https://www.cvedetails.com/cve/CVE-2002-1347/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you know our Splunk app?

Download it now for free!