Vulnerability Note VU#238019
Cyrus SASL library buffer overflow vulnerability
Overview
The Cyrus SASL library contains a buffer overflow vulnerability that could allow an attacker to execute code or cause a vulnerable program to crash.
Description
SASL (Simple Authentication and Security Layer) is a method for adding authentication support to various protocols. SASL is commonly used by mail servers to request authentication from clients and by clients to authenticate to servers. The sasl_encode64() function converts a string into base64. The Cyrus SASL library contains buffer overflows that occur because of unsafe use of the sasl_encode64() function. |
Impact
A remote attacker might be able to execute code, or cause any programs relying on SASL to crash or be unavailable. |
Solution
Upgrade |
Systems Affected (Learn More)
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Apple Inc. | Affected | - | 26 Aug 2009 |
| Cyrus-IMAP | Affected | - | 13 May 2009 |
| Gentoo Linux | Affected | 28 Apr 2009 | 20 May 2009 |
| Red Hat, Inc. | Affected | 28 Apr 2009 | 14 May 2009 |
| Sun Microsystems, Inc. | Affected | 28 Apr 2009 | 14 May 2009 |
| The SCO Group | Affected | 28 Apr 2009 | 15 May 2009 |
| SafeNet | Not Affected | 13 May 2009 | 15 Jun 2009 |
| Conectiva Inc. | Unknown | 28 Apr 2009 | 28 Apr 2009 |
| Cray Inc. | Unknown | 28 Apr 2009 | 28 Apr 2009 |
| Debian GNU/Linux | Unknown | 28 Apr 2009 | 28 Apr 2009 |
| Engarde Secure Linux | Unknown | 28 Apr 2009 | 28 Apr 2009 |
| Fedora Project | Unknown | 28 Apr 2009 | 28 Apr 2009 |
| Hewlett-Packard Company | Unknown | 28 Apr 2009 | 28 Apr 2009 |
| IBM Corporation (zseries) | Unknown | 28 Apr 2009 | 28 Apr 2009 |
| IBM eServer | Unknown | 28 Apr 2009 | 28 Apr 2009 |
CVSS Metrics (Learn More)
| Group | Score | Vector |
|---|---|---|
| Base | N/A | N/A |
| Temporal | N/A | N/A |
| Environmental | N/A | N/A |
References
- ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.23.tar.gz
- http://xorl.wordpress.com/2009/05/18/cve-2009-0688-cmu-cyrus-sasl-off-by-one-overflow/
- http://en.wikipedia.org/w/index.php?title=Base64&oldid=285664115
Credit
Thanks to James Ralston for reporting this issue and providing technical information.
This document was written by Ryan Giobbi.
Other Information
- CVE IDs: CVE-2009-0688
- Date Public: 08 Apr 2009
- Date First Published: 14 May 2009
- Date Last Updated: 26 Aug 2009
- Severity Metric: 4.04
- Document Revision: 24
Feedback
If you have feedback, comments, or additional information about this vulnerability, please send us email.
View Notes By
Report a Vulnerability
Please use the Vulnerability Reporting Form to report a vulnerability. Alternatively, you can send us email. Be sure to read our vulnerability disclosure policy.