ByteOS Network

CVE Vulnerability Details :

CVE-2009-0688

PUBLISHED

More Info Official Page

Assigner-certcc

Assigner Org ID-37e5125f-f79b-445b-8fad-9564f167944b

Published At-15 May, 2009 | 15:00

Updated At-07 Aug, 2024 | 04:40

▼CVE Numbering Authority (CNA)

Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://osvdb.org/54515	vdb-entry x_refsource_OSVDB
http://secunia.com/advisories/35239	third-party-advisory x_refsource_SECUNIA
http://www.us-cert.gov/cas/techalerts/TA10-103B.html	third-party-advisory x_refsource_CERT
http://secunia.com/advisories/35321	third-party-advisory x_refsource_SECUNIA
http://www.kb.cert.org/vuls/id/238019	third-party-advisory x_refsource_CERT-VN
http://secunia.com/advisories/35497	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/35102	third-party-advisory x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.448834	vendor-advisory x_refsource_SLACKWARE
http://secunia.com/advisories/35746	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/39428	third-party-advisory x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020755.1-1	vendor-advisory x_refsource_SUNALERT
http://secunia.com/advisories/35094	third-party-advisory x_refsource_SECUNIA
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html	vendor-advisory x_refsource_APPLE
http://www.debian.org/security/2009/dsa-1807	vendor-advisory x_refsource_DEBIAN
http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0091	x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6136	vdb-entry signature x_refsource_OVAL
http://secunia.com/advisories/35097	third-party-advisory x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2009/1313	vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2009/2012	vdb-entry x_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10687	vdb-entry signature x_refsource_OVAL
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html	vendor-advisory x_refsource_SUSE
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021699.1-1	vendor-advisory x_refsource_SUNALERT
http://security.gentoo.org/glsa/glsa-200907-09.xml	vendor-advisory x_refsource_GENTOO
http://support.apple.com/kb/HT4077	x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html	x_refsource_CONFIRM
http://support.avaya.com/elmodocs2/security/ASA-2009-184.htm	x_refsource_CONFIRM
http://sunsolve.sun.com/search/document.do?assetkey=1-66-264248-1	vendor-advisory x_refsource_SUNALERT
http://secunia.com/advisories/35206	third-party-advisory x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259148-1	vendor-advisory x_refsource_SUNALERT
http://www.mandriva.com/security/advisories?name=MDVSA-2009:113	vendor-advisory x_refsource_MANDRIVA
http://www.redhat.com/support/errata/RHSA-2009-1116.html	vendor-advisory x_refsource_REDHAT
http://www.securityfocus.com/bid/34961	vdb-entry x_refsource_BID
http://secunia.com/advisories/35416	third-party-advisory x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-66-273910-1	vendor-advisory x_refsource_SUNALERT
http://osvdb.org/54514	vdb-entry x_refsource_OSVDB
http://www.ubuntu.com/usn/usn-790-1	vendor-advisory x_refsource_UBUNTU
http://www.securitytracker.com/id?1022231	vdb-entry x_refsource_SECTRACK
ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.23.tar.gz	x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/50554	vdb-entry x_refsource_XF

Hyperlink: http://osvdb.org/54515

Resource:

vdb-entry

x_refsource_OSVDB

Hyperlink: http://secunia.com/advisories/35239

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.us-cert.gov/cas/techalerts/TA10-103B.html

Resource:

third-party-advisory

x_refsource_CERT

Hyperlink: http://secunia.com/advisories/35321

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.kb.cert.org/vuls/id/238019

Resource:

third-party-advisory

x_refsource_CERT-VN

Hyperlink: http://secunia.com/advisories/35497

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/35102

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.448834

Resource:

vendor-advisory

x_refsource_SLACKWARE

Hyperlink: http://secunia.com/advisories/35746

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/39428

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020755.1-1

Resource:

vendor-advisory

x_refsource_SUNALERT

Hyperlink: http://secunia.com/advisories/35094

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html

Resource:

vendor-advisory

x_refsource_APPLE

Hyperlink: http://www.debian.org/security/2009/dsa-1807

Resource:

vendor-advisory

x_refsource_DEBIAN

Hyperlink: http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0091

Resource:

x_refsource_CONFIRM

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6136

Resource:

vdb-entry

signature

x_refsource_OVAL

Hyperlink: http://secunia.com/advisories/35097

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.vupen.com/english/advisories/2009/1313

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://www.vupen.com/english/advisories/2009/2012

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10687

Resource:

vdb-entry

signature

x_refsource_OVAL

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021699.1-1

Resource:

vendor-advisory

x_refsource_SUNALERT

Hyperlink: http://security.gentoo.org/glsa/glsa-200907-09.xml

Resource:

vendor-advisory

x_refsource_GENTOO

Hyperlink: http://support.apple.com/kb/HT4077

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2009-184.htm

Resource:

x_refsource_CONFIRM

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-264248-1

Resource:

vendor-advisory

x_refsource_SUNALERT

Hyperlink: http://secunia.com/advisories/35206

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-259148-1

Resource:

vendor-advisory

x_refsource_SUNALERT

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2009:113

Resource:

vendor-advisory

x_refsource_MANDRIVA

Hyperlink: http://www.redhat.com/support/errata/RHSA-2009-1116.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.securityfocus.com/bid/34961

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://secunia.com/advisories/35416

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-273910-1

Resource:

vendor-advisory

x_refsource_SUNALERT

Hyperlink: http://osvdb.org/54514

Resource:

vdb-entry

x_refsource_OSVDB

Hyperlink: http://www.ubuntu.com/usn/usn-790-1

Resource:

vendor-advisory

x_refsource_UBUNTU

Hyperlink: http://www.securitytracker.com/id?1022231

Resource:

vdb-entry

x_refsource_SECTRACK

Hyperlink: ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.23.tar.gz

Resource:

x_refsource_CONFIRM

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/50554

Resource:

vdb-entry

x_refsource_XF

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://osvdb.org/54515	vdb-entry x_refsource_OSVDB x_transferred
http://secunia.com/advisories/35239	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.us-cert.gov/cas/techalerts/TA10-103B.html	third-party-advisory x_refsource_CERT x_transferred
http://secunia.com/advisories/35321	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.kb.cert.org/vuls/id/238019	third-party-advisory x_refsource_CERT-VN x_transferred
http://secunia.com/advisories/35497	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/35102	third-party-advisory x_refsource_SECUNIA x_transferred
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.448834	vendor-advisory x_refsource_SLACKWARE x_transferred
http://secunia.com/advisories/35746	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/39428	third-party-advisory x_refsource_SECUNIA x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020755.1-1	vendor-advisory x_refsource_SUNALERT x_transferred
http://secunia.com/advisories/35094	third-party-advisory x_refsource_SECUNIA x_transferred
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html	vendor-advisory x_refsource_APPLE x_transferred
http://www.debian.org/security/2009/dsa-1807	vendor-advisory x_refsource_DEBIAN x_transferred
http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0091	x_refsource_CONFIRM x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6136	vdb-entry signature x_refsource_OVAL x_transferred
http://secunia.com/advisories/35097	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.vupen.com/english/advisories/2009/1313	vdb-entry x_refsource_VUPEN x_transferred
http://www.vupen.com/english/advisories/2009/2012	vdb-entry x_refsource_VUPEN x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10687	vdb-entry signature x_refsource_OVAL x_transferred
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html	vendor-advisory x_refsource_SUSE x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021699.1-1	vendor-advisory x_refsource_SUNALERT x_transferred
http://security.gentoo.org/glsa/glsa-200907-09.xml	vendor-advisory x_refsource_GENTOO x_transferred
http://support.apple.com/kb/HT4077	x_refsource_CONFIRM x_transferred
http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html	x_refsource_CONFIRM x_transferred
http://support.avaya.com/elmodocs2/security/ASA-2009-184.htm	x_refsource_CONFIRM x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-66-264248-1	vendor-advisory x_refsource_SUNALERT x_transferred
http://secunia.com/advisories/35206	third-party-advisory x_refsource_SECUNIA x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259148-1	vendor-advisory x_refsource_SUNALERT x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2009:113	vendor-advisory x_refsource_MANDRIVA x_transferred
http://www.redhat.com/support/errata/RHSA-2009-1116.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.securityfocus.com/bid/34961	vdb-entry x_refsource_BID x_transferred
http://secunia.com/advisories/35416	third-party-advisory x_refsource_SECUNIA x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-66-273910-1	vendor-advisory x_refsource_SUNALERT x_transferred
http://osvdb.org/54514	vdb-entry x_refsource_OSVDB x_transferred
http://www.ubuntu.com/usn/usn-790-1	vendor-advisory x_refsource_UBUNTU x_transferred
http://www.securitytracker.com/id?1022231	vdb-entry x_refsource_SECTRACK x_transferred
ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.23.tar.gz	x_refsource_CONFIRM x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/50554	vdb-entry x_refsource_XF x_transferred

Hyperlink: http://osvdb.org/54515

Resource:

vdb-entry

x_refsource_OSVDB

x_transferred

Hyperlink: http://secunia.com/advisories/35239

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.us-cert.gov/cas/techalerts/TA10-103B.html

Resource:

third-party-advisory

x_refsource_CERT

x_transferred

Hyperlink: http://secunia.com/advisories/35321

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.kb.cert.org/vuls/id/238019

Resource:

third-party-advisory

x_refsource_CERT-VN

x_transferred

Hyperlink: http://secunia.com/advisories/35497

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/35102

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.448834

Resource:

vendor-advisory

x_refsource_SLACKWARE

x_transferred

Hyperlink: http://secunia.com/advisories/35746

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/39428

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020755.1-1

Resource:

vendor-advisory

x_refsource_SUNALERT

x_transferred

Hyperlink: http://secunia.com/advisories/35094

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html

Resource:

vendor-advisory

x_refsource_APPLE

x_transferred

Hyperlink: http://www.debian.org/security/2009/dsa-1807

Resource:

vendor-advisory

x_refsource_DEBIAN

x_transferred

Hyperlink: http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0091

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6136

Resource:

vdb-entry

signature

x_refsource_OVAL

x_transferred

Hyperlink: http://secunia.com/advisories/35097

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2009/1313

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2009/2012

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10687

Resource:

vdb-entry

signature

x_refsource_OVAL

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021699.1-1

Resource:

vendor-advisory

x_refsource_SUNALERT

x_transferred

Hyperlink: http://security.gentoo.org/glsa/glsa-200907-09.xml

Resource:

vendor-advisory

x_refsource_GENTOO

x_transferred

Hyperlink: http://support.apple.com/kb/HT4077

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2009-184.htm

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-264248-1

Resource:

vendor-advisory

x_refsource_SUNALERT

x_transferred

Hyperlink: http://secunia.com/advisories/35206

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-259148-1

Resource:

vendor-advisory

x_refsource_SUNALERT

x_transferred

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2009:113

Resource:

vendor-advisory

x_refsource_MANDRIVA

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2009-1116.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://www.securityfocus.com/bid/34961

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: http://secunia.com/advisories/35416

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-273910-1

Resource:

vendor-advisory

x_refsource_SUNALERT

x_transferred

Hyperlink: http://osvdb.org/54514

Resource:

vdb-entry

x_refsource_OSVDB

x_transferred

Hyperlink: http://www.ubuntu.com/usn/usn-790-1

Resource:

vendor-advisory

x_refsource_UBUNTU

x_transferred

Hyperlink: http://www.securitytracker.com/id?1022231

Resource:

vdb-entry

x_refsource_SECTRACK

x_transferred

Hyperlink: ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.23.tar.gz

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/50554

Resource:

vdb-entry

x_refsource_XF

x_transferred

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References