Bug#528749: Cyrus SASL library buffer overflow vulnerability
Thijs Kinkhorst
thijs at debian.org
Fri May 15 08:49:40 UTC 2009
Package: cyrus-sasl2
Severity: serious
Tags: security
Hi,
The following vulnerability has been published for Cyrus SASL:
Cyrus SASL library buffer overflow vulnerability
Overview
The Cyrus SASL library contains a buffer overflow vulnerability that could
allow an attacker to execute code or cause a vulnerable program to crash.
I. Description
SASL (Simple Authentication and Security Layer) is a method for adding
authentication support to various protocols. SASL is commonly used by mail
servers to request authentication from clients and by clients to
authenticate to servers.
The sasl_encode64() function converts a string into base64. The Cyrus SASL
library contains buffer overflows that occur because of unsafe use of the
sasl_encode64() function.
II. Impact
A remote attacker might be able to execute code, or cause any programs
relying on SASL to crash or be unavailable.
III. Solution: Upgrade
Cyrus SASL 2.1.23 has been released to address this issue. Before
releasing fixed binaries, maintainers are encouraged to review the Cyrus
vendor statement associated with this note.
See also: http://www.kb.cert.org/vuls/id/RGII-7RYLZQ
This is CVE-2009-0688 and VU#238019.
Please mention these references in your changelogs.
Can you provide updated packages for sid, and assess whether etch/lenny
are affected?
thanks,
Thijs
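As an added illustration of the buffer-sizing rule behind this advisory (example code, not Cyrus SASL's own): a base64 encoder with the same argument shape as sasl_encode64() that checks the caller's output capacity before writing anything, so an undersized buffer yields an error return instead of an out-of-bounds write. The b64_* names, return codes and sample buffers are this example's own assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Return codes for this example only; the real library defines its own in sasl.h. */
#define B64_OK      0
#define B64_BUFOVER 1

/* Output bytes needed for the base64 form of inlen bytes, NUL terminator included. */
unsigned b64_required(unsigned inlen)
{
    return 4 * ((inlen + 2) / 3) + 1;
}

/* Same argument shape as sasl_encode64(): encode in[0..inlen) into out, whose
 * capacity is outmax.  The size check runs before the first write, so a caller
 * that undersizes out gets an error instead of a write past the buffer. */
int b64_encode_checked(const char *in, unsigned inlen,
                       char *out, unsigned outmax, unsigned *outlen)
{
    static const char tbl[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    unsigned i, o = 0;

    if (outmax < b64_required(inlen))
        return B64_BUFOVER;

    for (i = 0; i + 2 < inlen; i += 3) {          /* full 3-byte groups */
        unsigned v = ((unsigned char)in[i] << 16) | ((unsigned char)in[i + 1] << 8)
                   | (unsigned char)in[i + 2];
        out[o++] = tbl[(v >> 18) & 63]; out[o++] = tbl[(v >> 12) & 63];
        out[o++] = tbl[(v >> 6) & 63];  out[o++] = tbl[v & 63];
    }
    if (i < inlen) {                              /* 1 or 2 trailing bytes */
        unsigned v = (unsigned char)in[i] << 16;
        if (i + 1 < inlen) v |= (unsigned char)in[i + 1] << 8;
        out[o++] = tbl[(v >> 18) & 63];
        out[o++] = tbl[(v >> 12) & 63];
        out[o++] = (i + 1 < inlen) ? tbl[(v >> 6) & 63] : '=';
        out[o++] = '=';
    }
    out[o] = '\0';              /* the terminator an undersized buffer has no room for */
    if (outlen) *outlen = o;
    return B64_OK;
}

int main(void)
{
    char small[8], big[16]; unsigned n;   /* constructed sample buffers */
    printf("8-byte out: rc=%d\n", b64_encode_checked("password", 8, small, sizeof small, &n));
    printf("16-byte out: rc=%d %s (%u chars)\n",
           b64_encode_checked("password", 8, big, sizeof big, &n), big, n);
    return 0;
}
```

Callers that size their output buffer with b64_required() (or the equivalent 4*ceil(n/3)+1 rule for the real call) never trip the check; the example exists to show what the check must protect.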