http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0373 Affects RHL 9 and FC 1. Please check whether it affects RHL 7.3.
ftp://ftp.snt.utwente.nl/pub/os/linux/gentoo-portage/dev-libs/cyrus-sasl/files/cyrus-sasl-2.1.18-cvs-1.172.patch
https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c#rev1.171 : * plugins/digestmd5.c: Fix potential buffer overflow, call add_to_challenge in 2 more places (Alexey Melnikov So indeed the issue seems to be the sprintf(text->outbuf)s, not the quoting.
Alexey Melnikov verified that this issue only exists in rev 1.170 of digestmd5.c. Official releases are hence not vulnerable. Closing NOTABUG.