Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Gentoo: GLSA-200907-09 High: Arbitrary Code Execution via Cyrus-SASL

gentoo
Calendar Grey July 12, 2009
Dist Gentoo Esm H88
Critical warning issued for Gentoo regarding a vulnerability in Cyrus-SASL that could lead to unrestrained code execution due to a buffer overflow.
A buffer overflow in Cyrus-SASL might allow for the execution of arbitrary code in applications or daemons that authenticate using SASL.

Summary

Gentoo Linux Security Advisory GLSA 200907-09 https://security.gentoo.org/ Severity: High Title: Cyrus-SASL: Execution of arbitrary code Date: July 12, 2009 Bugs: #270261 ID: 200907-09

Synopsis ======= A buffer overflow in Cyrus-SASL might allow for the execution of arbitrary code in applications or daemons that authenticate using SASL.
Background ========= Cyrus-SASL is an implementation of the Simple Authentication and Security Layer.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/cyrus-sasl < 2.1.23 >= 2.1.23
========== James Ralston reported that in certain situations, Cyrus-SASL does not properly terminate strings which can result in buffer ov...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory high severity gentoo buffer overflow arbitrary code execution cyrus-sasl authentication

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory high severity gentoo buffer overflow arbitrary code execution cyrus-sasl authentication

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here