Rapid7 Vulnerability & Exploit Database

RHSA-2002:283: Updated cyrus-sasl packages fix buffer overflows





Updated cyrus-sasl packages are now available for Red Hat Linux 8.0. These packages close buffer overflows present in Cyrus SASL 2.x releases prior to 2.1.10.

Cyrus SASL is an implementation of the Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols. Cyrus SASL 2.x versions prior to 2.1.10 contain several buffer overflow vulnerabilities:

  • Insufficient buffer length checking in user name canonicalization. This issue would be hard to exploit, but would allow a remote user to execute arbitrary code on the system.
  • When performing authentication using LDAP, saslauthd does not allocate enough memory when it needs to escape special characters in the username and realm. This issue may be easy to exploit remotely.
  • The log writer might not allocate memory for the trailing \0 of a message. This issue is probably hard to exploit, although it is possible to influence the logged data with at least anonymous authentication.

All users of Cyrus SASL on Red Hat Linux 8.0 are advised to upgrade to the erratum packages, which contain Cyrus SASL version 2.1.10 and are not affected by these vulnerabilities. Other Red Hat Linux releases are not affected, as they shipped Cyrus SASL version 1.5.x.
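The saslauthd LDAP issue described above is a buffer-sizing bug: escaping one filter metacharacter turns a single byte into three, so a buffer sized for the raw username or realm is overrun as soon as the input contains one. The C below is an added illustration written for this page, not code from Cyrus SASL or saslauthd. The set of escaped characters follows the RFC 4515 filter convention and is an assumption, since the advisory does not list which characters saslauthd escapes; the sample username is constructed. It puts the naive size computation beside a hardened escaper that counts the expansion first, reserves the trailing NUL (the byte the log-writer issue above omits), and bounds every write.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Characters that must be escaped inside an LDAP search filter, per the
 * RFC 4515 convention ("*" becomes "\2a", and so on). This set is an
 * assumption for the example; the advisory does not list the characters
 * that saslauthd escapes. A NUL cannot occur inside a C string, so it is
 * not listed here. */
static int ldap_needs_escape(unsigned char c)
{
    return c == '*' || c == '(' || c == ')' || c == '\\';
}

/* Naive sizing: one output byte per input byte plus the terminator.
 * This is the shape of the saslauthd bug: every escaped character
 * occupies three output bytes, so a buffer of this size is too small
 * whenever the username or realm contains one. */
size_t naive_escaped_size(const char *s)
{
    return strlen(s) + 1;
}

/* Correct sizing: count the expansion before allocating, and reserve
 * the trailing NUL that the advisory's log-writer issue forgets. */
size_t ldap_escaped_size(const char *s)
{
    size_t n = 1;                       /* room for the trailing '\0' */
    for (; *s; s++)
        n += ldap_needs_escape((unsigned char)*s) ? 3 : 1;
    return n;
}

/* Hardened escaper: allocate ldap_escaped_size() bytes and check the
 * bound before every write, so a miscount can only fail, never overflow.
 * Returns a malloc'd string the caller frees, or NULL on failure. */
char *ldap_escape(const char *s)
{
    size_t need = ldap_escaped_size(s);
    size_t pos = 0;
    char *out = malloc(need);

    if (out == NULL)
        return NULL;

    for (; *s; s++) {
        unsigned char c = (unsigned char)*s;
        size_t width = ldap_needs_escape(c) ? 3 : 1;

        /* pos + width must still leave one byte for the terminator */
        if (pos + width >= need) {
            free(out);
            return NULL;
        }
        if (width == 3)
            snprintf(out + pos, need - pos, "\\%02x", (unsigned)c);
        else
            out[pos] = (char)c;
        pos += width;
    }
    out[pos] = '\0';
    return out;
}

int main(void)
{
    /* Constructed sample input: a username containing a filter metacharacter. */
    const char *user = "a*b";
    char *esc = ldap_escape(user);

    printf("naive size %zu, required size %zu, escaped \"%s\"\n",
           naive_escaped_size(user), ldap_escaped_size(user),
           esc ? esc : "(null)");
    free(esc);
    return 0;
}
```

For "a*b" the naive computation yields 4 bytes while 6 are actually needed; writing the escaped form into a 4-byte allocation is exactly the heap overflow class the advisory describes. The hardened version makes the size computation and the writer agree on the same per-character width, which is the property to look for when auditing any escaping or encoding routine.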


  • redhat-upgrade-cyrus-sasl
  • redhat-upgrade-cyrus-sasl-devel
  • redhat-upgrade-cyrus-sasl-gssapi
  • redhat-upgrade-cyrus-sasl-md5
  • redhat-upgrade-cyrus-sasl-plain
