Description
GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
Low
Affected products
- gnu / GNU SASL>=0.0.0, <2.0.1 – >=0.0.0, <2.0.1