Thread: Remote DOS condition in Cyrus-SASL
View Single Post
  #2 (permalink)  
Old 04-25-2006, 04:20 PM
anand anand is offline
Zimbra Employee
  
Posts: 274
Default does not affect ZCS
ZCS includes cyrus-sasl-2.1.21 which is not vulnerable:

http://asg.web.cmu.edu/archive/messa...-sasl&msg=7775
http://labs.musecurity.com/advisories/MU-200604-01.txt

Also we don't support the digest-md5 auth method.

Thanks for bringing this to our attention.
__________________
Bugzilla - Wiki - Downloads - Before posting... Search!
Reply With Quote