Memory Leak in Atheme 7.2.7 Login User Function Allows Remote DoS

Memory Leak in Atheme 7.2.7 Login User Function Allows Remote DoS

CVE-2017-6384 · HIGH Severity

AV:N/AC:L/AU:N/C:N/I:N/A:C

Memory leak in the login_user function in saslserv/main.c in saslserv/main.so in Atheme 7.2.7 allows a remote unauthenticated attacker to consume memory and cause a denial of service. This is fixed in 7.2.8.

Learn more about our User Device Pen Test.