Rapid7 Vulnerability & Exploit Database

SUSE Linux Security Vulnerability: CVE-2009-0688

Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published: 05/15/2009
Created: 07/25/2018
Added: 02/17/2015
Modified: 07/04/2017

Description

Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c.

Solution(s)

  • suse-upgrade-cyrus-sasl
  • suse-upgrade-cyrus-sasl-32bit
  • suse-upgrade-cyrus-sasl-64bit
  • suse-upgrade-cyrus-sasl-crammd5
  • suse-upgrade-cyrus-sasl-crammd5-32bit
  • suse-upgrade-cyrus-sasl-crammd5-64bit
  • suse-upgrade-cyrus-sasl-devel
  • suse-upgrade-cyrus-sasl-devel-32bit
  • suse-upgrade-cyrus-sasl-devel-64bit
  • suse-upgrade-cyrus-sasl-digestmd5
  • suse-upgrade-cyrus-sasl-digestmd5-32bit
  • suse-upgrade-cyrus-sasl-digestmd5-64bit
  • suse-upgrade-cyrus-sasl-gssapi
  • suse-upgrade-cyrus-sasl-gssapi-32bit
  • suse-upgrade-cyrus-sasl-gssapi-64bit
  • suse-upgrade-cyrus-sasl-ntlm
  • suse-upgrade-cyrus-sasl-otp
  • suse-upgrade-cyrus-sasl-otp-32bit
  • suse-upgrade-cyrus-sasl-otp-64bit
  • suse-upgrade-cyrus-sasl-plain
  • suse-upgrade-cyrus-sasl-plain-32bit
  • suse-upgrade-cyrus-sasl-plain-64bit
  • suse-upgrade-cyrus-sasl-sqlauxprop
  • suse-upgrade-cyrus-sasl-x86
