CVE-2009-0688

Summary

CVE	CVE-2009-0688
State	PUBLISHED
Assigner	certcc
Source Priority	CVE Program / NVD first with legacy fallback
Published	2009-05-15 15:30:00 UTC
Updated	2026-04-23 00:35:47 UTC
Description	Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c.

Risk And Classification

Primary CVSS: v2.0 7.5 from [email protected]

AV:N/AC:L/Au:N/C:P/I:P/A:P

Problem Types: CWE-119 | n/a

CVSS v2.0 Breakdown

Access Vector

Network

Access Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Carnegie Mellon University	Cyrus-sasl	1.4.1	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	1.5.0	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	1.5.10	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	1.5.11	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	1.5.13	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	1.5.15	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	1.5.16	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	1.5.2	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	1.5.20	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	1.5.21	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	1.5.22	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	1.5.23	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	1.5.24	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	1.5.26	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	1.5.27	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	1.5.28	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	1.5.3	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	1.5.5	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.0.0	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.0.1	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.0.2	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.0.3	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.0.4	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.0.5	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.0	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.1	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.10	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.11	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.12	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.13	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.14	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.15	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.16	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.17	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.18	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.19	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.2	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.20	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.21	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.3	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.5	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.6	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.7	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.8	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	2.1.9	All	All	All
Application	Carnegie Mellon University	Cyrus-sasl	All	All	All	All

Vendor Declared Affected Products

Source	Vendor	Product	Version	Platforms
CNA	Na	N/a	affected n/a	Not specified

References

Reference	Source	Link	Tags
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com
Cyrus SASL "sasl_encode64()" Buffer Overflow Vulnerability - Secunia Advisories - Vulnerability Information - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com
US-CERT Vulnerability Note VU#238019	af854a3a-2127-422b-91ae-364da2661108	www.kb.cert.org	Patch, US Government Resource
ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.23.tar.gz	af854a3a-2127-422b-91ae-364da2661108	ftp.andrew.cmu.edu	Patch
Red Hat update for cyrus-imapd - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com
Debian -- Security Information -- DSA-1807-1 cyrus-sasl2, cyrus-sasl2-heimdal	af854a3a-2127-422b-91ae-364da2661108	www.debian.org
#259148: Security Vulnerability in the Solaris Simple Authentication and Security Layer (SASL) Library (see libsasl(3LIB)) Routine sasl_encode64(3SASL) may Allow Unprivileged Users to Crash Applications Using this Function	af854a3a-2127-422b-91ae-364da2661108	sunsolve.sun.com
Repository / Oval Repository	af854a3a-2127-422b-91ae-364da2661108	oval.cisecurity.org
Debian update for cyrus-sasl2 and cyrus-sasl2-heimdal - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com
#273910: This Alert covers CVE-2009-2404 and CVE-2009-0688 for the Directory Server component of the Sun ONE Directory Server and Sun Java System Directory Server products.	af854a3a-2127-422b-91ae-364da2661108	sunsolve.sun.com
[security-announce] SUSE Security Summary Report: SUSE-SR:2009:011	af854a3a-2127-422b-91ae-364da2661108	lists.opensuse.org
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	af854a3a-2127-422b-91ae-364da2661108	www.vupen.com
Slackware update for cyrus-sasl - Secunia Advisories - Vulnerability Information - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com
Support / Security / Advisories / / MDVSA-2009:113 \| Mandriva	af854a3a-2127-422b-91ae-364da2661108	www.mandriva.com
Cyrus SASL Buffer Overflow in sasl_encode64 Lets Remote Users Execute Arbitrary Code - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	www.securitytracker.com
Gentoo update for cyrus-sasl - Secunia Advisories - Vulnerability Information - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com
USN-790-1: Cyrus SASL vulnerability \| Ubuntu	af854a3a-2127-422b-91ae-364da2661108	www.ubuntu.com
rPath update for cyrus-sasl - Secunia Advisories - Vulnerability Information - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com
sunsolve.sun.com/search/document.do	af854a3a-2127-422b-91ae-364da2661108	sunsolve.sun.com
The Slackware Linux Project: Slackware Security Advisories	af854a3a-2127-422b-91ae-364da2661108	slackware.com
osvdb.org/54514	af854a3a-2127-422b-91ae-364da2661108	osvdb.org
osvdb.org/54515	af854a3a-2127-422b-91ae-364da2661108	osvdb.org
Repository / Oval Repository	af854a3a-2127-422b-91ae-364da2661108	oval.cisecurity.org
Avaya CMS Solaris SASL Library Buffer Overflow Vulnerability - Secunia Advisories - Vulnerability Information - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com
US-CERT Technical Cyber Security Alert TA10-103B -- Oracle Updates for Multiple Vulnerabilities	af854a3a-2127-422b-91ae-364da2661108	www.us-cert.gov	US Government Resource
APPLE-SA-2010-03-29-1 Security Update 2010-002 / Mac OS X v10.6.3	af854a3a-2127-422b-91ae-364da2661108	lists.apple.com
ASA-2009-184 (SUN 259148)	af854a3a-2127-422b-91ae-364da2661108	support.avaya.com
sunsolve.sun.com/search/document.do	af854a3a-2127-422b-91ae-364da2661108	sunsolve.sun.com
sunsolve.sun.com/search/document.do	af854a3a-2127-422b-91ae-364da2661108	sunsolve.sun.com
Advisories:rPSA-2009-0091 - rPath Wiki	af854a3a-2127-422b-91ae-364da2661108	wiki.rpath.com
About the security content of Security Update 2010-002 / Mac OS X v10.6.3	af854a3a-2127-422b-91ae-364da2661108	support.apple.com
IBM X-Force Exchange	af854a3a-2127-422b-91ae-364da2661108	exchange.xforce.ibmcloud.com
Sun Java System Directory Server Two Vulnerabilities - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com
Cyrus SASL 'sasl_encode64()' Remote Buffer Overflow Vulnerability	af854a3a-2127-422b-91ae-364da2661108	www.securityfocus.com	Patch
SUSE Update for Multiple Packages - Advisories - Community	af854a3a-2127-422b-91ae-364da2661108	secunia.com
Oracle Critical Patch Update Advisory - April 2010	af854a3a-2127-422b-91ae-364da2661108	www.oracle.com
Sun Solaris SASL Library Buffer Overflow Vulnerability - Secunia Advisories - Vulnerability Information - Secunia.com	af854a3a-2127-422b-91ae-364da2661108	secunia.com
Gentoo Linux Documentation -- Cyrus-SASL: Execution of arbitrary code	af854a3a-2127-422b-91ae-364da2661108	security.gentoo.org
Support	af854a3a-2127-422b-91ae-364da2661108	www.redhat.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

Vendor Comments And Credit

Organization	Published	Contributor	Statement
Red Hat	2009-06-19	Tomas Hoger	The upstream fix for this issue is not backwards compatible and introduces an ABI change not allowed in Red Hat Enterprise Linux. Therefore, there is no plan to address this problem directly in cyrus-sasl packages. All applications shipped in Red Hat Enterprise Linux and using affected sasl_encode64() function were investigated and patched if their use of the function could have security consequences. See following bug report for further details: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-0688#c20

There are currently no legacy QID mappings associated with this CVE.