Cmu · Cyrus-Sasl · CVE-2009-0688
**Name of the Vulnerable Software and Affected Versions**
cyrus-sasl versions prior to 2.1.23
sasl2-bin (affected versions not specified)
**Description**
The issue affects the confidentiality, integrity, and availability of protected information. It can be exploited remotely, potentially leading to the execution of arbitrary code or a denial of service. The vulnerability consists of multiple buffer overflows in the CMU Cyrus SASL library, specifically in the `sasl_encode64` function in `lib/saslutil.c`, which can be triggered by strings passed to that function as input.
**Recommendations**
For cyrus-sasl versions prior to 2.1.23, update to version 2.1.23 or later to resolve the issue.
For sasl2-bin, at the moment, there is no information about a newer version that contains a fix for this vulnerability.