Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Mon, 30 Dec 2013 11:26:37 -0500 (EST)
From: cve-assign@...re.org
To: carnil@...ian.org
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE Request: SASL authentication allows wrong credentials to access memcache

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> If a client makes an invalid request with SASL credentials, it will
> initially fail. However if you issue a second request with bad SASL
> credentials, it will authenticate.

Use CVE-2013-7239.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJSwZ47AAoJEKllVAevmvms7nkH/jgHsNU+zkkEyQXYNr6mokRI
cicSUgRLMThGI9d0x0FMkH+XP37YPcS/WkV4WZhyNa36/6ZoWVUJZZ4Nxnmm5iKm
bHncQlJmfAeSYI6zSbYaIV6lMZPEOr/mqbosvkodQq+cEGVRzbZbg6pdGelTUyzt
eTNmocm5oBJwIq/OZagMoMaMDI3iIIAiQejIE/6XjttgE0jIGwWbWHavgVkovLTA
gu3YfDerQq0RZ6WYg5wDRaVOCmJWxt6ninFNd5xIgNtZ+fekU3fAOpXHZZHfmr8Y
44f3obbH7sS7Bqgsw9wgiOsNw9LSZ2H+cgHXTRl1l813ab2x7bFq35q+V3UcWbM=
=BVbl
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.