Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and consumption) via (1) an invalid salt or, when FIPS-140 is enabled, a (2) DES or (3) MD5 encrypted password, which triggers a NULL pointer dereference.
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
NONE
Integrity
NONE
Availability
PARTIAL
Carnegie Mellon University Cyrus SASL 2.1.20
Carnegie Mellon University Cyrus SASL 2.1.19
Carnegie Mellon University Cyrus SASL 2.1.25
Carnegie Mellon University Cyrus SASL 2.1.26
Carnegie Mellon University Cyrus SASL 2.1.21
Carnegie Mellon University Cyrus SASL 2.1.22
Carnegie Mellon University Cyrus SASL 2.1.23
Carnegie Mellon University Cyrus SASL 1.5.28
Cmu Cyrus-sasl 2.1.24 (not an official CPE)