CVE-2009-0688

Name of the Vulnerable Software and Affected Versions cyrus-sasl versions prior to 2.1.23 sasl2-bin (affected versions not specified)

Description The issue affects the confidentiality, integrity, and availability of protected information. It can be exploited remotely, potentially leading to the execution of arbitrary code or a denial of service. The vulnerability is related to multiple buffer overflows in the CMU Cyrus SASL library, specifically in the sasl encode64 function in lib/saslutil.c, which can be triggered by input strings.

Recommendations For cyrus-sasl versions prior to 2.1.23, update to version 2.1.23 or later to resolve the issue. For sasl2-bin, at the moment, there is no information about a newer version that contains a fix for this vulnerability.