Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 12 Jul 2013 15:47:57 +0000
From: "mancha" <mancha1@...h.com>
To: oss-security@...ts.openwall.com, solar@...nwall.com
Subject: Re: CVE request: Cyrus-sasl NULL ptr. dereference

On Fri, 12 Jul 2013 15:35:22 +0000 "Solar Designer" wrote:
>Does this really crash the entire daemon process rather than
>just one of its children (where a new one would be spawned for
>another request)?
>
>I think this needs to be clarified, and the answer will affect 
>whether
>we have a security issue (CVE-worthy) or not.
>
>Alexander

That is a good question. The short answer is there isn't a
re-spawn of crashed processes. The longer answer is cyrus-sasl's
saslauthd defaults to starting up 5 round-robin listening
threads (configurable via -n switch).

Under a default scenario, authentication would continue to be
available until the 5th NULL ptr. dereference.

--mancha

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.