Description
The m_authenticate function in modules/m_sasl.c in Charybdis before 3.5.3 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter.
Published: 2016-09-21
Score: 8.1 High
EPSS: 1.0% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-3661-1 charybdis security update
EUVD EUVD EUVD-2016-8015 The m_authenticate function in modules/m_sasl.c in Charybdis before 3.5.3 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter.
History

No history.

Subscriptions

Charybdis Project Charybdis
Debian Debian Linux
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-06T01:50:47.430Z

Reserved: 2016-09-05T00:00:00.000Z

Link: CVE-2016-7143

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2016-09-21T14:25:26.177

Modified: 2025-04-12T10:46:40.837

Link: CVE-2016-7143

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses