Vulnerability Note VU#238019

Cyrus SASL library buffer overflow vulnerability

Original Release date: 14 May 2009 | Last revised: 26 Aug 2009

Overview

The Cyrus SASL library contains a buffer overflow vulnerability that could allow an attacker to execute code or cause a vulnerable program to crash.

Description

SASL (Simple Authentication and Security Layer) is a method for adding authentication support to various protocols. SASL is commonly used by mail servers to request authentication from clients and by clients to authenticate to servers.

The sasl_encode64() function converts a string into base64. The Cyrus SASL library contains buffer overflows that occur because of unsafe use of the sasl_encode64() function.

Impact

A remote attacker might be able to execute code, or cause any programs relying on SASL to crash or be unavailable.

Solution

Upgrade
Cyrus SASL 2.1.23 has been released to address this issue. Before releasing fixed binaries, maintainers are encouraged to review the Cyrus vendor statement associated with this note.

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
Apple Inc.Affected-26 Aug 2009
Cyrus-IMAPAffected-13 May 2009
Gentoo LinuxAffected28 Apr 200920 May 2009
Red Hat, Inc.Affected28 Apr 200914 May 2009
Sun Microsystems, Inc.Affected28 Apr 200914 May 2009
The SCO GroupAffected28 Apr 200915 May 2009
SafeNetNot Affected13 May 200915 Jun 2009
Conectiva Inc.Unknown28 Apr 200928 Apr 2009
Cray Inc.Unknown28 Apr 200928 Apr 2009
Debian GNU/LinuxUnknown28 Apr 200928 Apr 2009
Engarde Secure LinuxUnknown28 Apr 200928 Apr 2009
Fedora ProjectUnknown28 Apr 200928 Apr 2009
Hewlett-Packard CompanyUnknown28 Apr 200928 Apr 2009
IBM Corporation (zseries)Unknown28 Apr 200928 Apr 2009
IBM eServerUnknown28 Apr 200928 Apr 2009
If you are a vendor and your product is affected, let us know.View More »

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

Thanks to James Ralston for reporting this issue and providing technical information.

This document was written by Ryan Giobbi.

Other Information

  • CVE IDs: CVE-2009-0688
  • Date Public: 08 Apr 2009
  • Date First Published: 14 May 2009
  • Date Last Updated: 26 Aug 2009
  • Severity Metric: 4.04
  • Document Revision: 24

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.