fkie_nvd - fkie_cve-2005-0373

fkie_cve-2005-0373

Vulnerability from fkie_nvd

Published

2004-10-07 04:00

Modified

2025-04-03 01:03

Severity ?

Summary

Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.

References

URL	Tags
cve@mitre.org	http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml	Patch, Vendor Advisory
cve@mitre.org	http://www.linuxcompatible.org/print42495.html	Patch, Vendor Advisory
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDKSA-2005:054
cve@mitre.org	http://www.monkey.org/openbsd/archive/ports/0407/msg00265.html	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/11347	Patch, Vendor Advisory
cve@mitre.org	https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170&r2=1.171	Vendor Advisory
cve@mitre.org	https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171&content-type=text/x-cvsweb-markup	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17642
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.linuxcompatible.org/print42495.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:054
af854a3a-2127-422b-91ae-364da2661108	http://www.monkey.org/openbsd/archive/ports/0407/msg00265.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11347	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170&r2=1.171	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171&content-type=text/x-cvsweb-markup	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17642

Impacted products

Vendor	Product	Version
cyrus	sasl	1.5.24
cyrus	sasl	1.5.27
cyrus	sasl	1.5.28
cyrus	sasl	2.1.9
cyrus	sasl	2.1.10
cyrus	sasl	2.1.11
cyrus	sasl	2.1.12
cyrus	sasl	2.1.13
cyrus	sasl	2.1.14
cyrus	sasl	2.1.15
cyrus	sasl	2.1.16
cyrus	sasl	2.1.17
cyrus	sasl	2.1.18
cyrus	sasl	2.1.18_r1
openpkg	openpkg	2.1
openpkg	openpkg	2.2
suse	suse_cvsup	16.1h_36.i586
conectiva	linux	9.0
conectiva	linux	10.0
apple	mac_os_x	10.0
apple	mac_os_x	10.0.1
apple	mac_os_x	10.0.2
apple	mac_os_x	10.0.3
apple	mac_os_x	10.0.4
apple	mac_os_x	10.1
apple	mac_os_x	10.1.1
apple	mac_os_x	10.1.2
apple	mac_os_x	10.1.3
apple	mac_os_x	10.1.4
apple	mac_os_x	10.1.5
apple	mac_os_x	10.2
apple	mac_os_x	10.2.1
apple	mac_os_x	10.2.2
apple	mac_os_x	10.2.3
apple	mac_os_x	10.2.4
apple	mac_os_x	10.2.5
apple	mac_os_x	10.2.6
apple	mac_os_x	10.2.7
apple	mac_os_x	10.2.8
apple	mac_os_x	10.3
apple	mac_os_x	10.3.1
apple	mac_os_x	10.3.2
apple	mac_os_x	10.3.3
apple	mac_os_x	10.3.4
apple	mac_os_x	10.3.5
apple	mac_os_x	10.3.6
apple	mac_os_x	10.3.7
apple	mac_os_x	10.3.8
apple	mac_os_x_server	10.0
apple	mac_os_x_server	10.1
apple	mac_os_x_server	10.1.1
apple	mac_os_x_server	10.1.2
apple	mac_os_x_server	10.1.3
apple	mac_os_x_server	10.1.4
apple	mac_os_x_server	10.1.5
apple	mac_os_x_server	10.2
apple	mac_os_x_server	10.2.1
apple	mac_os_x_server	10.2.2
apple	mac_os_x_server	10.2.3
apple	mac_os_x_server	10.2.4
apple	mac_os_x_server	10.2.5
apple	mac_os_x_server	10.2.6
apple	mac_os_x_server	10.2.7
apple	mac_os_x_server	10.2.8
apple	mac_os_x_server	10.3
apple	mac_os_x_server	10.3.1
apple	mac_os_x_server	10.3.2
apple	mac_os_x_server	10.3.3
apple	mac_os_x_server	10.3.4
apple	mac_os_x_server	10.3.5
apple	mac_os_x_server	10.3.6
apple	mac_os_x_server	10.3.7
apple	mac_os_x_server	10.3.8
redhat	fedora_core	core_1.0
suse	suse_linux	1.0
suse	suse_linux	8.0
suse	suse_linux	8.0
suse	suse_linux	8.1
suse	suse_linux	8.2
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.0
suse	suse_linux	9.1
suse	suse_linux	9.1
suse	suse_linux	9.2
suse	suse_linux	9.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cyrus:sasl:1.5.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5B837A3-E1D7-469D-9A2C-1648DB869524",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cyrus:sasl:1.5.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D5319DC-7C56-4661-83A6-6F226DD6804F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cyrus:sasl:1.5.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BFA8CBB-D990-489B-BBA1-72392B45511F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cyrus:sasl:2.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ABBB175-E5D7-4270-A599-666233B6420B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cyrus:sasl:2.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8765C3F-45F4-403A-900C-EDC95476A5DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cyrus:sasl:2.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BAE912B-3905-40D2-A2A3-34A87B743244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cyrus:sasl:2.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B860C12-E0C6-4365-8199-BDCA7303B549",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cyrus:sasl:2.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "D836C743-2957-4FE7-A396-E68466B29266",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cyrus:sasl:2.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "26AC8F82-1FE2-418E-A90B-3011C31274E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cyrus:sasl:2.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D75CC348-B708-4B44-80AE-98C10B498876",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cyrus:sasl:2.1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BBB6270-112B-4BC2-A72F-1FD44C7E6DA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cyrus:sasl:2.1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "E35EEADE-B717-4851-8D45-60E0F8800E8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cyrus:sasl:2.1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "798B1672-529E-4D61-9CE6-A3C362AA3FD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cyrus:sasl:2.1.18_r1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD156C94-966C-4EF7-A386-DA5516B77DD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openpkg:openpkg:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "37042CDE-E4FE-442E-891A-CD84433D36E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openpkg:openpkg:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "11F6E348-01DF-4FA4-808E-39A2A7A2B97B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:suse:suse_cvsup:16.1h_36.i586:*:*:*:*:*:*:*",
              "matchCriteriaId": "C930F134-76A8-4628-8B2E-B06CAC1F32CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "99C273D1-ADFE-4B4C-B543-7B9CA741A117",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BC31B69-3DE1-4CF3-ADC9-CA0BF1714CBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "77CC671C-6D89-4279-86F7-DDE1D4D9A0CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E4B77F6-E71C-45ED-96CC-7872AD2FCBF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "066ABC3B-B395-42D2-95C0-5B810F91A6F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "01BC19FC-6E03-4000-AE4B-232E47FA76F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "421FC2DD-0CF7-44A2-A63C-5221689E2363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F8B70BC-42B7-453A-B506-7BE69D49A4B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAAC6EA5-DCB2-4A50-A8BC-25CC43FAEF9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA32F7D8-02F8-4CFE-B193-2888807BC4D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9DCDE70-07DA-4F0B-805F-6BA03D410CD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE52A344-8B07-480D-A57F-B1F6E6574F3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "56CC0444-570C-4BB5-B53A-C5CA0BD87935",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "62E3EED7-FE30-4620-B40B-9CC49B77408A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AFD8BC6-4893-4D9D-A26E-27AAC864F94B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BD1F9A1-5ADB-451D-9525-D545E42D2B8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7A24978-2891-425C-ACF6-E8F5C839C54A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B20E130-6078-4336-B614-273C27142B46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB461678-560D-436E-A3AE-9E1E16DB0412",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFDADE04-29F0-446B-824B-0518880CF0A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED9BE602-A740-4CF7-9CAF-59061B16AB31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "33E698C1-C313-40E6-BAF9-7C8F9CF02484",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "421079DA-B605-4E05-9454-C30CF7631CF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "93B734BA-3435-40A9-B22B-5D56CEB865A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4B57B3E-B1B2-4F13-99D3-4F9DB3C07B5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "30897327-44DD-4D6C-B8B6-2D66C44EA55D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B79D8F73-2E78-4A67-96BB-21AD9BCB0094",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB279593-17D1-4A65-BF54-969B38B74B23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "80F5B731-D5A7-4694-9B27-CEE1DCC810EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D5DB7BE-FC71-4ADE-8B9F-7EA401C8CA88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3E2571E-D9EB-43CD-82DD-8C813FF8D5E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "36F4618C-1408-4097-B97D-5F32DE6D01DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F558C40-D0DA-4700-95DA-DF1322C020E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "64F8F30B-E4B8-4745-AFFA-8FD620E61994",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "00AE033B-5F16-4262-A397-02D7450189B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E831F3E-A980-47AF-BD05-2DB1A14689B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "36991737-904F-4B26-AEE2-7B30411279E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7EE6036-1A18-43F1-8A92-7DF39E1516E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "620ECFC8-293D-4C2B-9698-67185BB6E2EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F14A45-BDDB-4C12-9370-D5241975A928",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "46BC34D4-A1E8-4E01-982D-EAF03A0EB886",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "35932546-B614-47C0-98E6-8EF1EFE06725",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "38F17066-C090-4DD7-A1AC-D8FF70D268CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E997653-C744-4F1F-9948-47579AB3BED3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF5A416A-F198-4B9C-8221-D36CC8A7FE5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "384C130F-D1A9-4482-AF20-FC81933473A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CA6BD2A-3022-408D-8E4F-50865996E965",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "463D5628-7536-4029-99D6-5E525050059E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A39B11-1C23-4A6C-B4C5-AEC40836F173",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "78D48FD1-CB91-4310-9432-A4365FA67B11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "750C6C37-8460-4ED8-83AD-ACAF993E4A6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*",
              "matchCriteriaId": "C7EAAD04-D7C4-43DE-B488-1AAD014B503E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*",
              "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code."
    }
  ],
  "id": "CVE-2005-0373",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-10-07T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.linuxcompatible.org/print42495.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:054"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.monkey.org/openbsd/archive/ports/0407/msg00265.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11347"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170\u0026r2=1.171"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171\u0026content-type=text/x-cvsweb-markup"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.linuxcompatible.org/print42495.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.monkey.org/openbsd/archive/ports/0407/msg00265.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/11347"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170\u0026r2=1.171"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171\u0026content-type=text/x-cvsweb-markup"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17642"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vendorComments": [
    {
      "comment": "Not vulnerable. This issue did not affect the versions of Cyrus SASL as shipped with Red Hat Enterprise Linux 2.1, 3, or 4.",
      "lastModified": "2006-08-30T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2005-0373 (GCVE-0-2005-0373)

Vulnerability from cvelistv5

Published

2005-02-13 05:00