PatchSiren

CVE-2017-6384 Atheme CVE debrief

CVE-2017-6384 describes a memory leak in Atheme's login_user function that can be triggered by a remote unauthenticated attacker to consume memory and cause a denial of service. The issue affects Atheme 7.2.7 and is fixed in 7.2.8.

Vendor: Atheme
Product: CVE-2017-6384
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-03-02
Original CVE updated: 2026-05-13
Advisory published: 2017-03-02
Advisory updated: 2026-05-13

Who should care

Operators and maintainers running Atheme 7.2.7, especially Internet-facing deployments that expose the affected login path or related SASL services, should prioritize this issue because it requires no authentication and impacts availability.

Technical summary

NVD describes a memory leak in login_user within saslserv/main.c (saslserv/main.so) in Atheme 7.2.7. The attacker model is remote and unauthenticated, with the practical effect being repeated memory consumption leading to service degradation or denial of service. NVD maps the weakness to CWE-772 and gives the vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Defensive priority

High

Recommended defensive actions

  • Upgrade Atheme to version 7.2.8 or later, which is identified as the fixed release.
  • If immediate upgrade is not possible, restrict network exposure to the affected service and limit access to trusted clients only.
  • Monitor memory usage and process stability for the affected Atheme components until remediation is complete.
  • Validate that deployed packages match the fixed release rather than the vulnerable 7.2.7 build.
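
One way to act on the memory-monitoring recommendation above, as an added example that is not part of the advisory or of Atheme: sample the resident set size of the services process and alert when it shows leak-like growth (steady rise, almost no release). The /proc parsing is Linux-specific; the PID argument, sample interval and thresholds are assumptions to tune per deployment.

```python
import re
import sys
import time

def read_rss_kib(pid):
    """Return resident set size in KiB from /proc/<pid>/status (Linux only)."""
    with open(f"/proc/{pid}/status") as fh:
        m = re.search(r"^VmRSS:\s+(\d+)\s+kB", fh.read(), re.M)
    if m is None:
        raise RuntimeError(f"no VmRSS line for pid {pid}")
    return int(m.group(1))

def growth_kib_per_hour(samples):
    """Least-squares slope of (unix_seconds, rss_kib) samples, in KiB/hour."""
    n = len(samples)
    if n < 2:
        return 0.0
    mt = sum(t for t, _ in samples) / n
    mr = sum(r for _, r in samples) / n
    var = sum((t - mt) ** 2 for t, _ in samples)
    if var == 0:
        return 0.0
    cov = sum((t - mt) * (r - mr) for t, r in samples)
    return cov / var * 3600

def looks_like_leak(samples, min_slope_kib_h=1024, min_rising_fraction=0.8):
    """True when RSS trends upward and almost never falls back.

    An unreleased-resource leak (CWE-772) grows without giving memory back;
    normal load rises and then drops, so both conditions are required.
    Both thresholds are assumed defaults, not values from the advisory.
    """
    if len(samples) < 3:
        return False
    steps = [b[1] - a[1] for a, b in zip(samples, samples[1:])]
    rising = sum(1 for s in steps if s >= 0) / len(steps)
    return (growth_kib_per_hour(samples) >= min_slope_kib_h
            and rising >= min_rising_fraction)

# Constructed samples, one every 10 minutes: steady growth vs. bursty load.
LEAKING = [(i * 600, 40_000 + i * 900) for i in range(12)]
BURSTY = [(i * 600, 40_000 + (6_000 if i % 2 else 0)) for i in range(12)]

if __name__ == "__main__":
    pid, history = int(sys.argv[1]), []  # PID of the services process
    while True:
        history = (history + [(time.time(), read_rss_kib(pid))])[-36:]
        if looks_like_leak(history):
            rate = growth_kib_per_hour(history)
            print(f"ALERT pid={pid} RSS growing {rate:.0f} KiB/h")
        time.sleep(600)
```

Run it with the PID of the running services process as the only argument; the constructed `LEAKING` and `BURSTY` series show the two patterns the check separates.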

Evidence notes

All material claims are supported by the supplied NVD record and referenced vendor materials. The record states the issue is a memory leak in login_user, that it is remotely triggerable without authentication, that Atheme 7.2.7 is vulnerable, and that 7.2.8 contains the fix. The supplied NVD metadata also identifies CWE-772 and CVSS vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Official resources

Published by CVE on 2017-03-02. The supplied source record was last modified on 2026-05-13.