FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

cyrus-sasl -- buffer overflow vulnerability

Affected packages
cyrus-sasl < 2.1.23

Details

VuXML ID 14ab174c-40ef-11de-9fd5-001bd3385381
Discovery 2009-04-08
Entry 2009-05-15

US-CERT reports:

The sasl_encode64() function converts a string into base64. The Cyrus SASL library contains buffer overflows that occur because of unsafe use of the sasl_encode64() function.

References

CVE Name CVE-2009-0688
URL http://www.kb.cert.org/vuls/id/238019