CVE-2005-0373

NONE EPSS 89.1%
Published Oct 7, 200421y ago · Modified Jun 16, 20262w ago
Find Similar
Published Oct 7, 2004 21y ago
Last Modified Jun 16, 2026 2w ago

Description

Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.

Threat Intelligence

EPSS Exploit Probability
89.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 86

VendorProductVersionRange
cyrussasl1.5.24any
cyrussasl1.5.27any
cyrussasl1.5.28any
cyrussasl2.1.9any
cyrussasl2.1.10any
cyrussasl2.1.11any
cyrussasl2.1.12any
cyrussasl2.1.13any
cyrussasl2.1.14any
cyrussasl2.1.15any
cyrussasl2.1.16any
cyrussasl2.1.17any
cyrussasl2.1.18any
cyrussasl2.1.18_r1any
openpkgopenpkg2.1any
openpkgopenpkg2.2any
susesuse_cvsup16.1h_36.i586any
conectivalinux9.0any
conectivalinux10.0any
applemac_os_x10.0any
applemac_os_x10.0.1any
applemac_os_x10.0.2any
applemac_os_x10.0.3any
applemac_os_x10.0.4any
applemac_os_x10.1any
applemac_os_x10.1.1any
applemac_os_x10.1.2any
applemac_os_x10.1.3any
applemac_os_x10.1.4any
applemac_os_x10.1.5any
applemac_os_x10.2any
applemac_os_x10.2.1any
applemac_os_x10.2.2any
applemac_os_x10.2.3any
applemac_os_x10.2.4any
applemac_os_x10.2.5any
applemac_os_x10.2.6any
applemac_os_x10.2.7any
applemac_os_x10.2.8any
applemac_os_x10.3any
applemac_os_x10.3.1any
applemac_os_x10.3.2any
applemac_os_x10.3.3any
applemac_os_x10.3.4any
applemac_os_x10.3.5any
applemac_os_x10.3.6any
applemac_os_x10.3.7any
applemac_os_x10.3.8any
applemac_os_x_server10.0any
applemac_os_x_server10.1any
applemac_os_x_server10.1.1any
applemac_os_x_server10.1.2any
applemac_os_x_server10.1.3any
applemac_os_x_server10.1.4any
applemac_os_x_server10.1.5any
applemac_os_x_server10.2any
applemac_os_x_server10.2.1any
applemac_os_x_server10.2.2any
applemac_os_x_server10.2.3any
applemac_os_x_server10.2.4any
applemac_os_x_server10.2.5any
applemac_os_x_server10.2.6any
applemac_os_x_server10.2.7any
applemac_os_x_server10.2.8any
applemac_os_x_server10.3any
applemac_os_x_server10.3.1any
applemac_os_x_server10.3.2any
applemac_os_x_server10.3.3any
applemac_os_x_server10.3.4any
applemac_os_x_server10.3.5any
applemac_os_x_server10.3.6any
applemac_os_x_server10.3.7any
applemac_os_x_server10.3.8any
redhatfedora_corecore_1.0any
susesuse_linux1.0any
susesuse_linux8.0any
susesuse_linux8.0any
susesuse_linux8.1any
susesuse_linux8.2any
susesuse_linux9.0any
susesuse_linux9.0any
susesuse_linux9.0any
susesuse_linux9.1any
susesuse_linux9.1any
susesuse_linux9.2any
susesuse_linux9.2any

References 8

  • gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml
    PatchVendor Advisory
  • linuxcompatible.org http://www.linuxcompatible.org/print42495.html
    PatchVendor Advisory
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2005:054
  • monkey.org http://www.monkey.org/openbsd/archive/ports/0407/msg00265.html
    PatchVendor Advisory
  • securityfocus.com http://www.securityfocus.com/bid/11347
    PatchVendor Advisory
  • bugzilla.andrew.cmu.edu https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170&r2=1.171
    Vendor Advisory
  • bugzilla.andrew.cmu.edu https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171&content-type=text/x-cvsweb-markup
    Vendor Advisory
  • exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/17642

Remediation

  • gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml
    PatchVendor Advisory
  • linuxcompatible.org http://www.linuxcompatible.org/print42495.html
    PatchVendor Advisory
  • monkey.org http://www.monkey.org/openbsd/archive/ports/0407/msg00265.html
    PatchVendor Advisory
  • securityfocus.com http://www.securityfocus.com/bid/11347
    PatchVendor Advisory