← voltar
CVE-2009-0688

CVE-2009-0688

EPSS 8.2%
Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.23.tar.gzhttp://lists.apple.com/archives/security-announce/2010//Mar/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.htmlhttp://osvdb.org/54514http://osvdb.org/54515http://secunia.com/advisories/35094http://secunia.com/advisories/35097http://secunia.com/advisories/35102http://secunia.com/advisories/35206http://secunia.com/advisories/35239http://secunia.com/advisories/35321http://secunia.com/advisories/35416