Description
The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASL_PATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary code by modifying SASL_PATH to point to a directory containing malicious plug-ins. Because an environment variable is under the caller's control, the practical impact is privilege escalation: a local user sets SASL_PATH and then runs a setuid or setgid program that links against libsasl, and the library loads the attacker's shared objects with the program's elevated privileges.
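The following is an added illustration of the trust problem described above, written for this page; it is not code from Cyrus SASL, and the function names, the default plug-in directory and the sample environment values are assumptions. It places the unconditional lookup beside a guarded version that refuses the variable whenever the process is running with privileges it did not start with.

```c
/* Added example, not the Cyrus SASL source. Shows why honouring an
 * environment variable for a plug-in directory is unsafe in a privileged
 * process, and one guard that closes the hole. All names are assumptions. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>

/* Assumed compile-time default; real distributions use their own directory. */
#define DEFAULT_PLUGIN_DIR "/usr/lib/sasl2"

/* Vulnerable pattern (the behaviour the advisory describes): the environment
 * value is honoured unconditionally, so whoever started the process decides
 * which directory the plug-in loader will dlopen() shared objects from. */
const char *plugin_dir_trusting(const char *env_sasl_path) {
    if (env_sasl_path != NULL && env_sasl_path[0] != '\0')
        return env_sasl_path;
    return DEFAULT_PLUGIN_DIR;
}

/* Hardened pattern: ignore the variable when the real and effective ids
 * differ, i.e. the program gained privilege through setuid/setgid. The ids
 * are parameters so the logic can be exercised without installing a setuid
 * binary; the wrapper below passes the live values. */
const char *plugin_dir_guarded(const char *env_sasl_path,
                               uid_t uid, uid_t euid,
                               gid_t gid, gid_t egid) {
    int privileged = (uid != euid) || (gid != egid);
    if (privileged)
        return DEFAULT_PLUGIN_DIR;          /* never trust the caller here */
    return plugin_dir_trusting(env_sasl_path);
}

/* Resolve the directory for the running process using its own credentials. */
const char *plugin_dir_for_this_process(void) {
    return plugin_dir_guarded(getenv("SASL_PATH"),
                              getuid(), geteuid(), getgid(), getegid());
}

int main(void) {
    /* Constructed attacker-controlled value, not a real path on any system. */
    const char *attacker = "/tmp/evil_plugins";

    printf("unprivileged, SASL_PATH set:  %s\n",
           plugin_dir_guarded(attacker, 1000, 1000, 1000, 1000));
    printf("setuid root, SASL_PATH set:   %s\n",
           plugin_dir_guarded(attacker, 1000, 0, 1000, 1000));
    printf("setgid only, SASL_PATH set:   %s\n",
           plugin_dir_guarded(attacker, 1000, 1000, 1000, 27));
    printf("trusting code, any process:   %s\n",
           plugin_dir_trusting(attacker));
    printf("this process:                 %s\n",
           plugin_dir_for_this_process());
    return 0;
}
```

Two caveats for anyone porting this guard into real code. First, the dynamic loader's secure-execution mode strips its own variables (LD_PRELOAD, LD_LIBRARY_PATH) from setuid processes, but it knows nothing about application-specific variables such as SASL_PATH, so the library has to perform this check itself. Second, comparing real and effective ids misses a program that has already made both ids equal (for example a setuid-root daemon that called setuid(0)) or one granted privilege through file capabilities; on Linux `getauxval(AT_SECURE)` and on the BSDs `issetugid()` answer the "was I started with elevated privilege" question directly and are the better test where available.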
Product(s):
- Cyrus SASL 1.5.24
- Cyrus SASL 1.5.27
- Cyrus SASL 1.5.28
- Cyrus SASL 2.1.9
- Cyrus SASL 2.1.10
- Cyrus SASL 2.1.11
- Cyrus SASL 2.1.12
- Cyrus SASL 2.1.13
- Cyrus SASL 2.1.14
- Cyrus SASL 2.1.15
- Cyrus SASL 2.1.16
- Cyrus SASL 2.1.17
- Cyrus SASL 2.1.18
- Cyrus SASL 2.1.18 R1
- Conectiva Linux 10.0
- Conectiva Linux 9.0
Questions to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2004-0884, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2004-0884 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.
- Upgrade to a Cyrus SASL release later than 2.1.18, or install your distribution's patched libsasl/libsasl2 packages, so that SASL_PATH is no longer honoured by privileged processes.
- Until patched, inventory the setuid and setgid programs on each host that link against libsasl or libsasl2 (for example by running `ldd` over the output of `find / -perm /6000 -type f`); only those programs give a local user a privilege boundary to cross with this bug.