Unrated severityNVD Advisory· Published Apr 11, 2006· Updated Apr 16, 2026

CVE-2006-1721

Description

digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions before 2.1.21, allows remote unauthenticated attackers to cause a denial of service (segmentation fault) via malformed inputs in DIGEST-MD5 negotiation.

Affected products

Cyrus/Sasl5 versions
cpe:2.3:a:cyrus:sasl:2.1.18:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:cyrus:sasl:2.1.18:*:*:*:*:*:*:*
- cpe:2.3:a:cyrus:sasl:2.1.18_r1:*:*:*:*:*:*:*
- cpe:2.3:a:cyrus:sasl:2.1.18_r2:*:*:*:*:*:*:*
- cpe:2.3:a:cyrus:sasl:2.1.19:*:*:*:*:*:*:*
- cpe:2.3:a:cyrus:sasl:2.1.20:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

labs.musecurity.com/advisories/MU-200604-01.txtnvdPatch
secunia.com/advisories/19618nvdPatchVendor Advisory
www.securityfocus.com/bid/17446nvdPatch
secunia.com/advisories/19753nvdVendor Advisory
secunia.com/advisories/19809nvdVendor Advisory
secunia.com/advisories/19825nvdVendor Advisory
secunia.com/advisories/19964nvdVendor Advisory
secunia.com/advisories/20014nvdVendor Advisory
secunia.com/advisories/22187nvdVendor Advisory
secunia.com/advisories/26708nvdVendor Advisory
secunia.com/advisories/26857nvdVendor Advisory
secunia.com/advisories/27237nvdVendor Advisory
secunia.com/advisories/30535nvdVendor Advisory
www.vupen.com/english/advisories/2006/1306nvdVendor Advisory
www.vupen.com/english/advisories/2006/3852nvdVendor Advisory
www.vupen.com/english/advisories/2008/1744nvdVendor Advisory
patches.sgi.com/support/free/security/advisories/20070901-01-P.ascnvd
asg.web.cmu.edu/archive/message.phpnvd
lists.apple.com/archives/security-announce/2006/Sep/msg00002.htmlnvd
lists.grok.org.uk/pipermail/full-disclosure/2006-April/044992.htmlnvd
securitytracker.com/idnvd
support.avaya.com/elmodocs2/security/ASA-2007-426.htmnvd
www.debian.org/security/2006/dsa-1042nvd
www.gentoo.org/security/en/glsa/glsa-200604-09.xmlnvd
www.mandriva.com/security/advisoriesnvd
www.novell.com/linux/security/advisories/2006_05_05.htmlnvd
www.redhat.com/support/errata/RHSA-2007-0795.htmlnvd
www.redhat.com/support/errata/RHSA-2007-0878.htmlnvd
www.securityfocus.com/archive/1/493080/100/0/threadednvd
www.trustix.org/errata/2006/0024nvd
www.vmware.com/security/advisories/VMSA-2008-0009.htmlnvd
exchange.xforce.ibmcloud.com/vulnerabilities/25738nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9861nvd
usn.ubuntu.com/272-1/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000