High severity7.5NVD Advisory· Published Mar 2, 2017· Updated May 13, 2026

CVE-2017-6384

Description

Memory leak in the login_user function in saslserv/main.c in saslserv/main.so in Atheme 7.2.7 allows a remote unauthenticated attacker to consume memory and cause a denial of service. This is fixed in 7.2.8.

Affected products

Atheme/Atheme
cpe:2.3:a:atheme:atheme:7.2.7:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/atheme/atheme/pull/539nvdIssue TrackingPatchThird Party Advisory
github.com/atheme/atheme/releases/tag/v7.2.8nvdPatchRelease NotesVendor Advisory
www.securityfocus.com/bid/96552nvd

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000