Abrir sesión
logo

DEFENSA FRONTE ÁS CIBERAMEAZAS

barra-separadora

Soporte de vulnerabilidades

Servicio de soporte de vulnerabilidadesAnálisis, notificación y seguimiento de aquellas vulnerabilidades más críticas, que impactan especialmente en las tecnologías empleadas en el sector público. El CCN-CERT trabajará en la recopilación y clasificación de las nuevas vulnerabilidades, realizando un análisis teórico y en laboratorio, cuando sea posible, de aquellas que por su criticidad lo requieran.

Se generarán documentos informativos o “abstracts” de dichas vulnerabilidades y se llevará a cabo un seguimiento de la evolución de la vulnerabilidad en Internet, alertando a los organismos ante cambios en la criticidad, aparición de parches, nuevas recomendaciones, constancia de explotaciones activas, etc.

Para inscribirse en este servicio o recibir más información, escribir al correo electrónico: soporte_acreditacion@ccn.cni.es

Abstracts:


Vulnerability Bulletins


Aumento de privilegios mediante cyrus-sasl

Vulnerability classification

Property Value
Confidence level Oficial
Impact Aumento de privilegios
Dificulty Experto
Required attacker level Acceso remoto con cuenta

System information

Property Value
Affected manufacturer GNU/Linux
Affected software Cyrus-sasl

Description

Se ha descubierto una vulnerabilidad en la librería libsasl de cyrus-sasl; sasl es un método para añadir autenticación a protocolos orientados a conexión.

La vulnerabilidad reside en el manejo de la variable de entorno SASL_PATH donde se guarda la localización en que libsasl busca librerías (o plug-ins) para cargar.

La explotación de esta vulnerabilidad podría permitir a un atacante local ejecutar código con los privilegios del id efectivo de sasl especificando una localización en la variable SASL_PATH y creando una librería maliciosa que se cargará cuando alguna aplicación llame a libsasl.

Solution



Actualización de software

Mandrake Linux

Mandrakelinux 9.2
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/cyrus-sasl-2.1.15-4.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libsasl2-2.1.15-4.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libsasl2-devel-2.1.15-4.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libsasl2-plug-anonymous-2.1.15-4.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libsasl2-plug-crammd5-2.1.15-4.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libsasl2-plug-digestmd5-2.1.15-4.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libsasl2-plug-gssapi-2.1.15-4.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libsasl2-plug-login-2.1.15-4.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libsasl2-plug-ntlm-2.1.15-4.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libsasl2-plug-otp-2.1.15-4.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libsasl2-plug-plain-2.1.15-4.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libsasl2-plug-sasldb-2.1.15-4.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/RPMS/libsasl2-plug-srp-2.1.15-4.1.92mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/9.2/SRPMS/cyrus-sasl-2.1.15-4.1.92mdk.src.rpm
AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/cyrus-sasl-2.1.15-4.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64sasl2-2.1.15-4.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64sasl2-devel-2.1.15-4.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64sasl2-plug-anonymous-2.1.15-4.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64sasl2-plug-crammd5-2.1.15-4.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64sasl2-plug-digestmd5-2.1.15-4.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64sasl2-plug-gssapi-2.1.15-4.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64sasl2-plug-login-2.1.15-4.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64sasl2-plug-ntlm-2.1.15-4.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64sasl2-plug-otp-2.1.15-4.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64sasl2-plug-plain-2.1.15-4.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64sasl2-plug-sasldb-2.1.15-4.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/RPMS/lib64sasl2-plug-srp-2.1.15-4.1.92mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/9.2/SRPMS/cyrus-sasl-2.1.15-4.1.92mdk.src.rpm

Mandrakelinux 10.0
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/cyrus-sasl-2.1.15-10.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libsasl2-2.1.15-10.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libsasl2-devel-2.1.15-10.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libsasl2-plug-anonymous-2.1.15-10.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libsasl2-plug-crammd5-2.1.15-10.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libsasl2-plug-digestmd5-2.1.15-10.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libsasl2-plug-gssapi-2.1.15-10.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libsasl2-plug-login-2.1.15-10.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libsasl2-plug-ntlm-2.1.15-10.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libsasl2-plug-otp-2.1.15-10.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libsasl2-plug-plain-2.1.15-10.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libsasl2-plug-sasldb-2.1.15-10.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/RPMS/libsasl2-plug-srp-2.1.15-10.1.100mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.0/SRPMS/cyrus-sasl-2.1.15-10.1.100mdk.src.rpm
AMD64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/cyrus-sasl-2.1.15-10.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64sasl2-2.1.15-10.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64sasl2-devel-2.1.15-10.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64sasl2-plug-anonymous-2.1.15-10.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64sasl2-plug-crammd5-2.1.15-10.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64sasl2-plug-digestmd5-2.1.15-10.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64sasl2-plug-gssapi-2.1.15-10.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64sasl2-plug-login-2.1.15-10.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64sasl2-plug-ntlm-2.1.15-10.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64sasl2-plug-otp-2.1.15-10.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64sasl2-plug-plain-2.1.15-10.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64sasl2-plug-sasldb-2.1.15-10.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/RPMS/lib64sasl2-plug-srp-2.1.15-10.1.100mdk.amd64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/amd64/10.0/SRPMS/cyrus-sasl-2.1.15-10.1.100mdk.src.rpm

Mandrake Corporate Server 2.1
x86
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/cyrus-sasl-1.5.27-5.1.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/libsasl7-1.5.27-5.1.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/libsasl7-devel-1.5.27-5.1.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/libsasl7-plug-anonymous-1.5.27-5.1.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/libsasl7-plug-crammd5-1.5.27-5.1.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/libsasl7-plug-digestmd5-1.5.27-5.1.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/libsasl7-plug-login-1.5.27-5.1.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/RPMS/libsasl7-plug-plain-1.5.27-5.1.C21mdk.i586.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/2.1/SRPMS/cyrus-sasl-1.5.27-5.1.C21mdk.src.rpm
X86_64
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/cyrus-sasl-1.5.27-5.1.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/libsasl7-1.5.27-5.1.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/libsasl7-devel-1.5.27-5.1.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/libsasl7-plug-anonymous-1.5.27-5.1.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/libsasl7-plug-crammd5-1.5.27-5.1.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/libsasl7-plug-digestmd5-1.5.27-5.1.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/libsasl7-plug-login-1.5.27-5.1.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/RPMS/libsasl7-plug-plain-1.5.27-5.1.C21mdk.x86_64.rpm
ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/2.1/SRPMS/cyrus-sasl-1.5.27-5.1.C21mdk.src.rpm

Red Hat Linux

Red Hat Desktop (v. 3)
AMD64
cyrus-sasl-2.1.15-10.x86_64.rpm
cyrus-sasl-devel-2.1.15-10.x86_64.rpm
cyrus-sasl-gssapi-2.1.15-10.x86_64.rpm
cyrus-sasl-md5-2.1.15-10.x86_64.rpm
cyrus-sasl-plain-2.1.15-10.x86_64.rpm
SRPMS
cyrus-sasl-2.1.15-10.src.rpm
i386
cyrus-sasl-2.1.15-10.i386.rpm
cyrus-sasl-devel-2.1.15-10.i386.rpm
cyrus-sasl-gssapi-2.1.15-10.i386.rpm
cyrus-sasl-md5-2.1.15-10.i386.rpm
cyrus-sasl-plain-2.1.15-10.i386.rpm
cyrus-sasl-2.1.15-10.i386.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux AS (v. 2.1)
SRPMS
cyrus-sasl-1.5.24-26.src.rpm
i386
cyrus-sasl-1.5.24-26.i386.rpm
cyrus-sasl-devel-1.5.24-26.i386.rpm
cyrus-sasl-gssapi-1.5.24-26.i386.rpm
cyrus-sasl-md5-1.5.24-26.i386.rpm
cyrus-sasl-plain-1.5.24-26.i386.rpm
ia64
cyrus-sasl-1.5.24-26.ia64.rpm
cyrus-sasl-devel-1.5.24-26.ia64.rpm
cyrus-sasl-gssapi-1.5.24-26.ia64.rpm
cyrus-sasl-md5-1.5.24-26.ia64.rpm
cyrus-sasl-plain-1.5.24-26.ia64.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux AS (v. 3)
AMD64
cyrus-sasl-2.1.15-10.x86_64.rpm
cyrus-sasl-devel-2.1.15-10.x86_64.rpm
cyrus-sasl-gssapi-2.1.15-10.x86_64.rpm
cyrus-sasl-md5-2.1.15-10.x86_64.rpm
cyrus-sasl-plain-2.1.15-10.x86_64.rpm
SRPMS
cyrus-sasl-2.1.15-10.src.rpm
i386
cyrus-sasl-2.1.15-10.i386.rpm
cyrus-sasl-devel-2.1.15-10.i386.rpm
cyrus-sasl-gssapi-2.1.15-10.i386.rpm
cyrus-sasl-md5-2.1.15-10.i386.rpm
cyrus-sasl-plain-2.1.15-10.i386.rpm
cyrus-sasl-2.1.15-10.i386.rpm
cyrus-sasl-2.1.15-10.i386.rpm
ia64
cyrus-sasl-2.1.15-10.ia64.rpm
cyrus-sasl-devel-2.1.15-10.ia64.rpm
cyrus-sasl-gssapi-2.1.15-10.ia64.rpm
cyrus-sasl-md5-2.1.15-10.ia64.rpm
cyrus-sasl-plain-2.1.15-10.ia64.rpm
ppc
cyrus-sasl-2.1.15-10.ppc.rpm
cyrus-sasl-devel-2.1.15-10.ppc.rpm
cyrus-sasl-gssapi-2.1.15-10.ppc.rpm
cyrus-sasl-md5-2.1.15-10.ppc.rpm
cyrus-sasl-plain-2.1.15-10.ppc.rpm
ppc64
cyrus-sasl-2.1.15-10.ppc64.rpm
s390
cyrus-sasl-2.1.15-10.s390.rpm
cyrus-sasl-devel-2.1.15-10.s390.rpm
cyrus-sasl-gssapi-2.1.15-10.s390.rpm
cyrus-sasl-md5-2.1.15-10.s390.rpm
cyrus-sasl-plain-2.1.15-10.s390.rpm
cyrus-sasl-2.1.15-10.s390.rpm
s390x
cyrus-sasl-2.1.15-10.s390x.rpm
cyrus-sasl-devel-2.1.15-10.s390x.rpm
cyrus-sasl-gssapi-2.1.15-10.s390x.rpm
cyrus-sasl-md5-2.1.15-10.s390x.rpm
cyrus-sasl-plain-2.1.15-10.s390x.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux ES (v. 2.1)
SRPMS
cyrus-sasl-1.5.24-26.src.rpm
i386
cyrus-sasl-1.5.24-26.i386.rpm
cyrus-sasl-devel-1.5.24-26.i386.rpm
cyrus-sasl-gssapi-1.5.24-26.i386.rpm
cyrus-sasl-md5-1.5.24-26.i386.rpm
cyrus-sasl-plain-1.5.24-26.i386.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux ES (v. 3)
AMD64
cyrus-sasl-2.1.15-10.x86_64.rpm
cyrus-sasl-devel-2.1.15-10.x86_64.rpm
cyrus-sasl-gssapi-2.1.15-10.x86_64.rpm
cyrus-sasl-md5-2.1.15-10.x86_64.rpm
cyrus-sasl-plain-2.1.15-10.x86_64.rpm
SRPMS
cyrus-sasl-2.1.15-10.src.rpm
i386
cyrus-sasl-2.1.15-10.i386.rpm
cyrus-sasl-devel-2.1.15-10.i386.rpm
cyrus-sasl-gssapi-2.1.15-10.i386.rpm
cyrus-sasl-md5-2.1.15-10.i386.rpm
cyrus-sasl-plain-2.1.15-10.i386.rpm
cyrus-sasl-2.1.15-10.i386.rpm
cyrus-sasl-2.1.15-10.i386.rpm
ia64
cyrus-sasl-2.1.15-10.ia64.rpm
cyrus-sasl-devel-2.1.15-10.ia64.rpm
cyrus-sasl-gssapi-2.1.15-10.ia64.rpm
cyrus-sasl-md5-2.1.15-10.ia64.rpm
cyrus-sasl-plain-2.1.15-10.ia64.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux WS (v. 2.1)
SRPMS
cyrus-sasl-1.5.24-26.src.rpm
i386
cyrus-sasl-1.5.24-26.i386.rpm
cyrus-sasl-devel-1.5.24-26.i386.rpm
cyrus-sasl-gssapi-1.5.24-26.i386.rpm
cyrus-sasl-md5-1.5.24-26.i386.rpm
cyrus-sasl-plain-1.5.24-26.i386.rpm
https://rhn.redhat.com/

Red Hat Enterprise Linux WS (v. 3)
AMD64
cyrus-sasl-2.1.15-10.x86_64.rpm
cyrus-sasl-devel-2.1.15-10.x86_64.rpm
cyrus-sasl-gssapi-2.1.15-10.x86_64.rpm
cyrus-sasl-md5-2.1.15-10.x86_64.rpm
cyrus-sasl-plain-2.1.15-10.x86_64.rpm
SRPMS
cyrus-sasl-2.1.15-10.src.rpm
i386
cyrus-sasl-2.1.15-10.i386.rpm
cyrus-sasl-devel-2.1.15-10.i386.rpm
cyrus-sasl-gssapi-2.1.15-10.i386.rpm
cyrus-sasl-md5-2.1.15-10.i386.rpm
cyrus-sasl-plain-2.1.15-10.i386.rpm
cyrus-sasl-2.1.15-10.i386.rpm
cyrus-sasl-2.1.15-10.i386.rpm
ia64
cyrus-sasl-2.1.15-10.ia64.rpm
cyrus-sasl-devel-2.1.15-10.ia64.rpm
cyrus-sasl-gssapi-2.1.15-10.ia64.rpm
cyrus-sasl-md5-2.1.15-10.ia64.rpm
cyrus-sasl-plain-2.1.15-10.ia64.rpm
https://rhn.redhat.com/

Red Hat Linux Advanced Workstation 2.1 Itanium Processor
SRPMS
cyrus-sasl-1.5.24-26.src.rpm
ia64
cyrus-sasl-1.5.24-26.ia64.rpm
cyrus-sasl-devel-1.5.24-26.ia64.rpm
cyrus-sasl-gssapi-1.5.24-26.ia64.rpm
cyrus-sasl-md5-1.5.24-26.ia64.rpm
cyrus-sasl-plain-1.5.24-26.ia64.rpm
https://rhn.redhat.com/

Debian Linux (cyrus-sasl)

Debian Linux 3.0
Source
http://security.debian.org/pool/updates/main/c/cyrus-sasl/cyrus-sasl_1.5.27-3.1woody5.dsc
http://security.debian.org/pool/updates/main/c/cyrus-sasl/cyrus-sasl_1.5.27-3.1woody5.diff.gz
http://security.debian.org/pool/updates/main/c/cyrus-sasl/cyrus-sasl_1.5.27.orig.tar.gz
Alpha
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-dev_1.5.27-3.1woody5_alpha.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-digestmd5-plain_1.5.27-3.1woody5_alpha.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-modules-plain_1.5.27-3.1woody5_alpha.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl7_1.5.27-3.1woody5_alpha.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/sasl-bin_1.5.27-3.1woody5_alpha.deb
ARM
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-dev_1.5.27-3.1woody5_arm.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-digestmd5-plain_1.5.27-3.1woody5_arm.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-modules-plain_1.5.27-3.1woody5_arm.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl7_1.5.27-3.1woody5_arm.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/sasl-bin_1.5.27-3.1woody5_arm.deb
Intel IA-32
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-dev_1.5.27-3.1woody5_i386.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-digestmd5-plain_1.5.27-3.1woody5_i386.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-modules-plain_1.5.27-3.1woody5_i386.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl7_1.5.27-3.1woody5_i386.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/sasl-bin_1.5.27-3.1woody5_i386.deb
Intel IA-64
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-dev_1.5.27-3.1woody5_ia64.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-digestmd5-plain_1.5.27-3.1woody5_ia64.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-modules-plain_1.5.27-3.1woody5_ia64.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl7_1.5.27-3.1woody5_ia64.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/sasl-bin_1.5.27-3.1woody5_ia64.deb
HP Precision
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-dev_1.5.27-3.1woody5_hppa.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-digestmd5-plain_1.5.27-3.1woody5_hppa.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-modules-plain_1.5.27-3.1woody5_hppa.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl7_1.5.27-3.1woody5_hppa.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/sasl-bin_1.5.27-3.1woody5_hppa.deb
Motorola 680x0
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-dev_1.5.27-3.1woody5_m68k.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-digestmd5-plain_1.5.27-3.1woody5_m68k.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-modules-plain_1.5.27-3.1woody5_m68k.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl7_1.5.27-3.1woody5_m68k.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/sasl-bin_1.5.27-3.1woody5_m68k.deb
Big endian MIPS
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-dev_1.5.27-3.1woody5_mips.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-digestmd5-plain_1.5.27-3.1woody5_mips.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-modules-plain_1.5.27-3.1woody5_mips.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl7_1.5.27-3.1woody5_mips.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/sasl-bin_1.5.27-3.1woody5_mips.deb
Little endian MIPS
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-dev_1.5.27-3.1woody5_mipsel.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-digestmd5-plain_1.5.27-3.1woody5_mipsel.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-modules-plain_1.5.27-3.1woody5_mipsel.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl7_1.5.27-3.1woody5_mipsel.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/sasl-bin_1.5.27-3.1woody5_mipsel.deb
PowerPC
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-dev_1.5.27-3.1woody5_powerpc.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-digestmd5-plain_1.5.27-3.1woody5_powerpc.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-modules-plain_1.5.27-3.1woody5_powerpc.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl7_1.5.27-3.1woody5_powerpc.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/sasl-bin_1.5.27-3.1woody5_powerpc.deb
IBM S/390
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-dev_1.5.27-3.1woody5_s390.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-digestmd5-plain_1.5.27-3.1woody5_s390.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-modules-plain_1.5.27-3.1woody5_s390.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl7_1.5.27-3.1woody5_s390.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/sasl-bin_1.5.27-3.1woody5_s390.deb
Sun Sparc
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-dev_1.5.27-3.1woody5_sparc.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-digestmd5-plain_1.5.27-3.1woody5_sparc.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl-modules-plain_1.5.27-3.1woody5_sparc.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/libsasl7_1.5.27-3.1woody5_sparc.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl/sasl-bin_1.5.27-3.1woody5_sparc.deb

Debian Linux (cyrus-sasl-mit)

Debian Linux 3.0
Source
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/cyrus-sasl-mit_1.5.24-15woody3.dsc
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/cyrus-sasl-mit_1.5.24-15woody3.diff.gz
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/cyrus-sasl-mit_1.5.24.orig.tar.gz
Alpha
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-gssapi-mit_1.5.24-15woody3_alpha.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-krb4-mit_1.5.24-15woody3_alpha.deb
ARM
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-gssapi-mit_1.5.24-15woody3_arm.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-krb4-mit_1.5.24-15woody3_arm.deb
Intel IA-32
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-gssapi-mit_1.5.24-15woody3_i386.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-krb4-mit_1.5.24-15woody3_i386.deb
Intel IA-64
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-gssapi-mit_1.5.24-15woody3_ia64.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-krb4-mit_1.5.24-15woody3_ia64.deb
HP Precision
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-gssapi-mit_1.5.24-15woody3_hppa.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-krb4-mit_1.5.24-15woody3_hppa.deb
Motorola 680x0
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-gssapi-mit_1.5.24-15woody3_m68k.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-krb4-mit_1.5.24-15woody3_m68k.deb
Big endian MIPS
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-gssapi-mit_1.5.24-15woody3_mips.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-krb4-mit_1.5.24-15woody3_mips.deb
Little endian MIPS
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-gssapi-mit_1.5.24-15woody3_mipsel.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-krb4-mit_1.5.24-15woody3_mipsel.deb
PowerPC
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-gssapi-mit_1.5.24-15woody3_powerpc.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-krb4-mit_1.5.24-15woody3_powerpc.deb
IBM S/390
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-gssapi-mit_1.5.24-15woody3_s390.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-krb4-mit_1.5.24-15woody3_s390.deb
Sun Sparc
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-gssapi-mit_1.5.24-15woody3_sparc.deb
http://security.debian.org/pool/updates/main/c/cyrus-sasl-mit/libsasl-krb4-mit_1.5.24-15woody3_sparc.deb

Apple
Mac OS X Server v10.3.8
http://www.apple.com/support/downloads/securityupdate2005003server.html
Mac OS X v10.3.8
http://www.apple.com/support/downloads/securityupdate2005003client.html

Standar resources

Property Value
CVE CAN-2004-0884
BID NULL

Other resources

Mandrakesoft Security Advisory MDKSA-2004:106
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:106

Red Hat Security Advisory RHSA-2004:546-18
https://rhn.redhat.com/errata/RHSA-2004-546.html

Debian Security Advisory DSA-563-2
http://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00170.html

Debian Security Advisory DSA 563-3
http://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00173.html

Debian Security Advisory DSA 568-1
http://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00176.html

Apple Security Update 2005-003
http://docs.info.apple.com/article.html?artnum=301061

Version history

Version Comments Date
1.0 Aviso emitido 2004-10-08
1.1 Aviso emitido por Debian (DSA 563-2) 2004-10-13
1.2 Aviso actualizado por Debian (DSA 563-3) 2004-10-15
1.3 Aviso emitido por Debian (DSA 568-1) 2004-10-18
1.4 Aviso emitido por Apple (2005-003) 2005-03-22
Volver

Este sitio web utiliza cookies propias y de terceros para el correcto funcionamiento y visualización del sitio web por parte del usuario, así como la recogida de estadísticas. Si continúa navegando, consideramos que acepta su uso. Puede cambiar la configuración u obtener más información. Modificar configuración