oss-sec mailing list archives
Re: CVE request: Cyrus-sasl NULL ptr. dereference
From: "mancha" <mancha1 () hush com>
Date: Fri, 12 Jul 2013 15:47:57 +0000
On Fri, 12 Jul 2013 15:35:22 +0000 "Solar Designer" wrote:
Does this really crash the entire daemon process rather than just one of its children (where a new one would be spawned for another request)? I think this needs to be clarified, and the answer will affect whether we have a security issue (CVE-worthy) or not. Alexander
That is a good question. The short answer is there isn't a re-spawn of crashed processes. The longer answer is cyrus-sasl's saslauthd defaults to starting up 5 round-robin listening threads (configurable via -n switch). Under a default scenario, authentication would continue to be available until the 5th NULL ptr. dereference. --mancha
Current thread:
- CVE request: Cyrus-sasl NULL ptr. dereference mancha (Jul 12)
- Re: CVE request: Cyrus-sasl NULL ptr. dereference Solar Designer (Jul 12)
- Re: CVE request: Cyrus-sasl NULL ptr. dereference Sebastian Krahmer (Jul 15)
- <Possible follow-ups>
- Re: CVE request: Cyrus-sasl NULL ptr. dereference mancha (Jul 12)
- Re: CVE request: Cyrus-sasl NULL ptr. dereference Solar Designer (Jul 12)
- Re: CVE request: Cyrus-sasl NULL ptr. dereference Kurt Seifried (Jul 12)
- Re: CVE request: Cyrus-sasl NULL ptr. dereference Solar Designer (Jul 12)