Vulnerability Details
Cyrus-SASL Syslog Format String Vulnerability
- CNNVD ID: CNNVD-200112-126
- Severity: High
- CVE ID: CVE-2001-0869
- Vulnerability type: Format string
- Published: 2001-12-21
- Threat type: Remote
- Updated: 2006-11-13
- Vendor: suse
- Source: Reported by Kari H…
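Vulnerability Summary
A format string vulnerability exists in _sasl_syslog, the default logging callback function in common.c of the Cyrus SASL library (cyrus-sasl). Remote attackers can exploit this vulnerability to execute arbitrary commands.
Vulnerability Advisory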
This is fixed in version 1.5.27 (BETA).
Additional upgrades are available.
Carnegie Mellon University Cyrus-SASL 1.5.24
- Caldera OpenLinux 3.1 Workstation libsasl-devel-1.5.24-4.i386.rpm
  ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RPMS/libsasl-devel-1.5.24-4.i386.rpm
- Carnegie Mellon University cyrus-sasl-1.5.27.tar.gz (BETA)
  ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/BETA/cyrus-sasl-1.5.27.tar.gz
- Conectiva 6.0 sasl-1.5.24-15U60_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/6.0/RPMS/sasl-1.5.24-15U60_1cl.i386.rpm
- Conectiva 6.0 sasl-devel-1.5.24-15U60_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/6.0/RPMS/sasl-devel-1.5.24-15U60_1cl.i386.rpm
- Conectiva 6.0 sasl-doc-1.5.24-15U60_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/6.0/RPMS/sasl-doc-1.5.24-15U60_1cl.i386.rpm
- Conectiva 6.0 sasl-plug-anonymous-1.5.24-15U60_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/6.0/RPMS/sasl-plug-anonymous-1.5.24-15U60_1cl.i386.rpm
- Conectiva 6.0 sasl-plug-crammd5-1.5.24-15U60_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/6.0/RPMS/sasl-plug-crammd5-1.5.24-15U60_1cl.i386.rpm
- Conectiva 6.0 sasl-plug-digestmd5-1.5.24-15U60_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/6.0/RPMS/sasl-plug-digestmd5-1.5.24-15U60_1cl.i386.rpm
- Conectiva 6.0 sasl-plug-plain-1.5.24-15U60_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/6.0/RPMS/sasl-plug-plain-1.5.24-15U60_1cl.i386.rpm
- Conectiva 6.0 sasl-programs-1.5.24-15U60_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/6.0/RPMS/sasl-programs-1.5.24-15U60_1cl.i386.rpm
- Conectiva 7.0 sasl-1.5.24-15U70_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/sasl-1.5.24-15U70_1cl.i386.rpm
- Conectiva 7.0 sasl-devel-1.5.24-15U70_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/sasl-devel-1.5.24-15U70_1cl.i386.rpm
- Conectiva 7.0 sasl-doc-1.5.24-15U70_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/sasl-doc-1.5.24-15U70_1cl.i386.rpm
- Conectiva 7.0 sasl-plug-anonymous-1.5.24-15U70_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/sasl-plug-anonymous-1.5.24-15U70_1cl.i386.rpm
- Conectiva 7.0 sasl-plug-crammd5-1.5.24-15U70_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/sasl-plug-crammd5-1.5.24-15U70_1cl.i386.rpm
- Conectiva 7.0 sasl-plug-digestmd5-1.5.24-15U70_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/sasl-plug-digestmd5-1.5.24-15U70_1cl.i386.rpm
- Conectiva 7.0 sasl-plug-plain-1.5.24-15U70_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/sasl-plug-plain-1.5.24-15U70_1cl.i386.rpm
- Conectiva 7.0 sasl-programs-1.5.24-15U70_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/sasl-programs-1.5.24-15U70_1cl.i386.rpm
- FreeBSD cyrus-sasl-1.5.27_2.tgz
  ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-4-stable/security/cyrus-sasl-1.5.27_2.tgz
- FreeBSD cyrus-sasl-1.5.27_2.tgz
  ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-5-current/security/cyrus-sasl-1.5.27_2.tgz
- Mandrake cyrus-sasl-1.5.27-2.1mdk.i586.rpm: Mandrake Linux 8.1.
  http://www.linux-mandrake.com/en/ftp.php3
- Mandrake cyrus-sasl-1.5.27-2.1mdk.ia64.rpm: Mandrake Linux 8.1 ia64.
  http://www.linux-mandrake.com/en/ftp.php3
- Mandrake cyrus-sasl-1.5.27-2.1mdk.src.rpm: Mandrake Linux 8.1 ia64 Source RPM.
  http://www.linux-mandrake.com/en/ftp.php3
- Mandrake cyrus-sasl-1.5.27-2.1mdk.src.rpm: Mandrake Linux 8.1 Source RPM.
  http://www.linux-mandrake.com/en/ftp.php3
- Mandrake cyrus-sasl-1.5.27-2.2mdk.i586.rpm: Mandrake Linux 8.0.
  http://www.linux-mandrake.com/en/ftp.php3
- Mandrake cyrus-sasl-1.5.27-2.2mdk.ppc.rpm: Mandrake Linux 8.0 PPC.
  http://www.linux-mandrake.com/en/ftp.php3
- Mandrake cyrus-sasl-1.5.27-2.2mdk.src.rpm: Mandrake Linux 8.0 PPC Source RPM.
  http://www.linux-mandrake.com/en/ftp.php3
- Mandrake cyrus-sasl-1.5.27-2.2mdk.src.rpm: Mandrake Linux 8.0 Source RPM.
  http://www.linux-mandrake.com/en/ftp.php3
- Mandrake libsasl7-1.5.27-2.1mdk.i586.rpm: Mandrake Linux 8.1.
  http://www.linux-mandrake.com/en/ftp.php3
- Mandrake libsasl7-1.5.27-2.1mdk.ia64.rpm: Mandrake Linux 8.1 ia64.
  http://www.linux-mandrake.com/en/ftp.php3
- Mandrake libsasl7-1.5.27-2.2mdk.i586.rpm: Mandrake Linux 8.0.
  http://www.linux-mandrake.com/en/ftp.php3
- Mandrake libsasl7-1.5.27-2.2mdk.ppc.rpm: Mandrake Linux 8.0 PPC.
  http://www.linux-mandrake.com/en/ftp.php3
- Mandrake libsasl7-devel-1.5.27-2.1mdk.i586.rpm: Mandrake Linux 8.1.
  http://www.linux-mandrake.com/en/ftp.php3
- Man
References
Source: REDHAT
Name: RHSA-2001:151
Link: http://www.redhat.com/support/errata/RHSA-2001-151.html
Source: REDHAT
Name: RHSA-2001:150
Link: http://www.redhat.com/support/errata/RHSA-2001-150.html
Source: SUSE
Name: SuSE-SA:2001:042
Link: http://lwn.net/alerts/SuSE/SuSE-SA%3A2001%3A042.php3
Source: XF
Name: cyrus-sasl-format-string(7443)
Link: http://xforce.iss.net/static/7443.php
Source: BID
Name: 3498
Link: http://www.securityfocus.com/bid/3498
Source: CALDERA
Name: CSSA-2001-040.0
Link: http://www.caldera.com/support/security/advisories/CSSA-2001-040.0.txt
Source: MANDRAKE
Name: MDKSA-2002:018
Link: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:018
Source: CONECTIVA
Name: CLA-2001:444
Link: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000444
Source: FREEBSD
Name: FreeBSD-SA-02:15
Link: ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:15.cyrus-sasl.asc