ALPINE-CVE-2013-4122

See a problem?
Please try reporting it to the source first.
Source
https://security.alpinelinux.org/vuln/CVE-2013-4122
Import Source
https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2013-4122.json
JSON Data
https://api.osv.dev/v1/vulns/ALPINE-CVE-2013-4122
Upstream
Published
2013-10-27T00:55:03.773Z
Modified
2025-12-03T22:31:57.554962Z
Summary
[none]
Details

Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and consumption) via (1) an invalid salt or, when FIPS-140 is enabled, a (2) DES or (3) MD5 encrypted password, which triggers a NULL pointer dereference.

References

Affected packages

Alpine:v3.10
cyrus-sasl

Package

Name
cyrus-sasl
Purl
pkg:apk/alpine/cyrus-sasl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.26-r7

Affected versions

2.*
2.1.23-r0
2.1.23-r1
2.1.23-r2
2.1.23-r3
2.1.23-r4
2.1.23-r5
2.1.23-r6
2.1.23-r7
2.1.23-r8
2.1.23-r9
2.1.23-r10
2.1.23-r11
2.1.23-r13
2.1.23-r14
2.1.23-r15
2.1.26-r0
2.1.26-r1
2.1.26-r2
2.1.26-r3
2.1.26-r4
2.1.26-r5
2.1.26-r6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2013-4122.json"
Alpine:v3.11
cyrus-sasl

Package

Name
cyrus-sasl
Purl
pkg:apk/alpine/cyrus-sasl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.26-r7

Affected versions

2.*
2.1.23-r0
2.1.23-r1
2.1.23-r2
2.1.23-r3
2.1.23-r4
2.1.23-r5
2.1.23-r6
2.1.23-r7
2.1.23-r8
2.1.23-r9
2.1.23-r10
2.1.23-r11
2.1.23-r13
2.1.23-r14
2.1.23-r15
2.1.26-r0
2.1.26-r1
2.1.26-r2
2.1.26-r3
2.1.26-r4
2.1.26-r5
2.1.26-r6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2013-4122.json"
Alpine:v3.12
cyrus-sasl

Package

Name
cyrus-sasl
Purl
pkg:apk/alpine/cyrus-sasl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.26-r7

Affected versions

2.*
2.1.23-r0
2.1.23-r1
2.1.23-r2
2.1.23-r3
2.1.23-r4
2.1.23-r5
2.1.23-r6
2.1.23-r7
2.1.23-r8
2.1.23-r9
2.1.23-r10
2.1.23-r11
2.1.23-r13
2.1.23-r14
2.1.23-r15
2.1.26-r0
2.1.26-r1
2.1.26-r2
2.1.26-r3
2.1.26-r4
2.1.26-r5
2.1.26-r6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2013-4122.json"
Alpine:v3.13
cyrus-sasl

Package

Name
cyrus-sasl
Purl
pkg:apk/alpine/cyrus-sasl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.26-r7

Affected versions

2.*
2.1.23-r0
2.1.23-r1
2.1.23-r2
2.1.23-r3
2.1.23-r4
2.1.23-r5
2.1.23-r6
2.1.23-r7
2.1.23-r8
2.1.23-r9
2.1.23-r10
2.1.23-r11
2.1.23-r13
2.1.23-r14
2.1.23-r15
2.1.26-r0
2.1.26-r1
2.1.26-r2
2.1.26-r3
2.1.26-r4
2.1.26-r5
2.1.26-r6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2013-4122.json"
Alpine:v3.14
cyrus-sasl

Package

Name
cyrus-sasl
Purl
pkg:apk/alpine/cyrus-sasl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.26-r7

Affected versions

2.*
2.1.23-r0
2.1.23-r1
2.1.23-r2
2.1.23-r3
2.1.23-r4
2.1.23-r5
2.1.23-r6
2.1.23-r7
2.1.23-r8
2.1.23-r9
2.1.23-r10
2.1.23-r11
2.1.23-r13
2.1.23-r14
2.1.23-r15
2.1.26-r0
2.1.26-r1
2.1.26-r2
2.1.26-r3
2.1.26-r4
2.1.26-r5
2.1.26-r6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2013-4122.json"
Alpine:v3.15
cyrus-sasl

Package

Name
cyrus-sasl
Purl
pkg:apk/alpine/cyrus-sasl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.26-r7

Affected versions

2.*
2.1.23-r0
2.1.23-r1
2.1.23-r2
2.1.23-r3
2.1.23-r4
2.1.23-r5
2.1.23-r6
2.1.23-r7
2.1.23-r8
2.1.23-r9
2.1.23-r10
2.1.23-r11
2.1.23-r13
2.1.23-r14
2.1.23-r15
2.1.26-r0
2.1.26-r1
2.1.26-r2
2.1.26-r3
2.1.26-r4
2.1.26-r5
2.1.26-r6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2013-4122.json"
Alpine:v3.16
cyrus-sasl

Package

Name
cyrus-sasl
Purl
pkg:apk/alpine/cyrus-sasl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.26-r7

Affected versions

2.*
2.1.23-r0
2.1.23-r1
2.1.23-r2
2.1.23-r3
2.1.23-r4
2.1.23-r5
2.1.23-r6
2.1.23-r7
2.1.23-r8
2.1.23-r9
2.1.23-r10
2.1.23-r11
2.1.23-r13
2.1.23-r14
2.1.23-r15
2.1.26-r0
2.1.26-r1
2.1.26-r2
2.1.26-r3
2.1.26-r4
2.1.26-r5
2.1.26-r6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2013-4122.json"
Alpine:v3.17
cyrus-sasl

Package

Name
cyrus-sasl
Purl
pkg:apk/alpine/cyrus-sasl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.26-r7

Affected versions

2.*
2.1.23-r0
2.1.23-r1
2.1.23-r2
2.1.23-r3
2.1.23-r4
2.1.23-r5
2.1.23-r6
2.1.23-r7
2.1.23-r8
2.1.23-r9
2.1.23-r10
2.1.23-r11
2.1.23-r13
2.1.23-r14
2.1.23-r15
2.1.26-r0
2.1.26-r1
2.1.26-r2
2.1.26-r3
2.1.26-r4
2.1.26-r5
2.1.26-r6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2013-4122.json"
Alpine:v3.18
cyrus-sasl

Package

Name
cyrus-sasl
Purl
pkg:apk/alpine/cyrus-sasl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.26-r7

Affected versions

2.*
2.1.23-r0
2.1.23-r1
2.1.23-r2
2.1.23-r3
2.1.23-r4
2.1.23-r5
2.1.23-r6
2.1.23-r7
2.1.23-r8
2.1.23-r9
2.1.23-r10
2.1.23-r11
2.1.23-r13
2.1.23-r14
2.1.23-r15
2.1.26-r0
2.1.26-r1
2.1.26-r2
2.1.26-r3
2.1.26-r4
2.1.26-r5
2.1.26-r6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2013-4122.json"
Alpine:v3.19
cyrus-sasl

Package

Name
cyrus-sasl
Purl
pkg:apk/alpine/cyrus-sasl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.26-r7

Affected versions

2.*
2.1.23-r0
2.1.23-r1
2.1.23-r2
2.1.23-r3
2.1.23-r4
2.1.23-r5
2.1.23-r6
2.1.23-r7
2.1.23-r8
2.1.23-r9
2.1.23-r10
2.1.23-r11
2.1.23-r13
2.1.23-r14
2.1.23-r15
2.1.26-r0
2.1.26-r1
2.1.26-r2
2.1.26-r3
2.1.26-r4
2.1.26-r5
2.1.26-r6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2013-4122.json"
Alpine:v3.20
cyrus-sasl

Package

Name
cyrus-sasl
Purl
pkg:apk/alpine/cyrus-sasl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.26-r7

Affected versions

2.*
2.1.23-r0
2.1.23-r1
2.1.23-r2
2.1.23-r3
2.1.23-r4
2.1.23-r5
2.1.23-r6
2.1.23-r7
2.1.23-r8
2.1.23-r9
2.1.23-r10
2.1.23-r11
2.1.23-r13
2.1.23-r14
2.1.23-r15
2.1.26-r0
2.1.26-r1
2.1.26-r2
2.1.26-r3
2.1.26-r4
2.1.26-r5
2.1.26-r6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2013-4122.json"
Alpine:v3.21
cyrus-sasl

Package

Name
cyrus-sasl
Purl
pkg:apk/alpine/cyrus-sasl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.26-r7

Affected versions

2.*
2.1.23-r0
2.1.23-r1
2.1.23-r2
2.1.23-r3
2.1.23-r4
2.1.23-r5
2.1.23-r6
2.1.23-r7
2.1.23-r8
2.1.23-r9
2.1.23-r10
2.1.23-r11
2.1.23-r13
2.1.23-r14
2.1.23-r15
2.1.26-r0
2.1.26-r1
2.1.26-r2
2.1.26-r3
2.1.26-r4
2.1.26-r5
2.1.26-r6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2013-4122.json"
Alpine:v3.22
cyrus-sasl

Package

Name
cyrus-sasl
Purl
pkg:apk/alpine/cyrus-sasl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.26-r7

Affected versions

2.*
2.1.23-r0
2.1.23-r1
2.1.23-r2
2.1.23-r3
2.1.23-r4
2.1.23-r5
2.1.23-r6
2.1.23-r7
2.1.23-r8
2.1.23-r9
2.1.23-r10
2.1.23-r11
2.1.23-r13
2.1.23-r14
2.1.23-r15
2.1.26-r0
2.1.26-r1
2.1.26-r2
2.1.26-r3
2.1.26-r4
2.1.26-r5
2.1.26-r6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2013-4122.json"
Alpine:v3.23
cyrus-sasl

Package

Name
cyrus-sasl
Purl
pkg:apk/alpine/cyrus-sasl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.26-r7

Affected versions

2.*
2.1.23-r0
2.1.23-r1
2.1.23-r2
2.1.23-r3
2.1.23-r4
2.1.23-r5
2.1.23-r6
2.1.23-r7
2.1.23-r8
2.1.23-r9
2.1.23-r10
2.1.23-r11
2.1.23-r13
2.1.23-r14
2.1.23-r15
2.1.26-r0
2.1.26-r1
2.1.26-r2
2.1.26-r3
2.1.26-r4
2.1.26-r5
2.1.26-r6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2013-4122.json"
Alpine:v3.5
cyrus-sasl

Package

Name
cyrus-sasl
Purl
pkg:apk/alpine/cyrus-sasl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.26-r7

Affected versions

2.*
2.1.23-r0
2.1.23-r1
2.1.23-r2
2.1.23-r3
2.1.23-r4
2.1.23-r5
2.1.23-r6
2.1.23-r7
2.1.23-r8
2.1.23-r9
2.1.23-r10
2.1.23-r11
2.1.23-r13
2.1.23-r14
2.1.23-r15
2.1.26-r0
2.1.26-r1
2.1.26-r2
2.1.26-r3
2.1.26-r4
2.1.26-r5
2.1.26-r6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2013-4122.json"
Alpine:v3.7
cyrus-sasl

Package

Name
cyrus-sasl
Purl
pkg:apk/alpine/cyrus-sasl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.26-r7

Affected versions

2.*
2.1.23-r0
2.1.23-r1
2.1.23-r2
2.1.23-r3
2.1.23-r4
2.1.23-r5
2.1.23-r6
2.1.23-r7
2.1.23-r8
2.1.23-r9
2.1.23-r10
2.1.23-r11
2.1.23-r13
2.1.23-r14
2.1.23-r15
2.1.26-r0
2.1.26-r1
2.1.26-r2
2.1.26-r3
2.1.26-r4
2.1.26-r5
2.1.26-r6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2013-4122.json"
Alpine:v3.8
cyrus-sasl

Package

Name
cyrus-sasl
Purl
pkg:apk/alpine/cyrus-sasl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.26-r7

Affected versions

2.*
2.1.23-r0
2.1.23-r1
2.1.23-r2
2.1.23-r3
2.1.23-r4
2.1.23-r5
2.1.23-r6
2.1.23-r7
2.1.23-r8
2.1.23-r9
2.1.23-r10
2.1.23-r11
2.1.23-r13
2.1.23-r14
2.1.23-r15
2.1.26-r0
2.1.26-r1
2.1.26-r2
2.1.26-r3
2.1.26-r4
2.1.26-r5
2.1.26-r6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2013-4122.json"
Alpine:v3.9
cyrus-sasl

Package

Name
cyrus-sasl
Purl
pkg:apk/alpine/cyrus-sasl?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.26-r7

Affected versions

2.*
2.1.23-r0
2.1.23-r1
2.1.23-r2
2.1.23-r3
2.1.23-r4
2.1.23-r5
2.1.23-r6
2.1.23-r7
2.1.23-r8
2.1.23-r9
2.1.23-r10
2.1.23-r11
2.1.23-r13
2.1.23-r14
2.1.23-r15
2.1.26-r0
2.1.26-r1
2.1.26-r2
2.1.26-r3
2.1.26-r4
2.1.26-r5
2.1.26-r6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2013-4122.json"