oval:org.mitre.oval:def:13676

Definition Id: oval:org.mitre.oval:def:13676

Oval ID:	oval:org.mitre.oval:def:13676
Title:	DSA-1807-1 cyrus-sasl2, cyrus-sasl2-heimdal -- buffer overflow
Description:	James Ralston discovered that the sasl_encode64 function of cyrus-sasl2, a free library implementing the Simple Authentication and Security Layer, suffers from a missing null termination in certain situations. This causes several buffer overflows in situations where cyrus-sasl2 itself requires the string to be null terminated which can lead to denial of service or arbitrary code execution. Important notice : While this patch will fix currently vulnerable code, it can cause non-vulnerable existing code to break. Here’s a function prototype from include/saslutil.h to clarify my explanation: /* base64 encode * in -- input data * inlen -- input data length * out -- output buffer * outmax -- max size of output buffer * result: * outlen -- gets actual length of output buffer * * Returns SASL_OK on success, SASL_BUFOVER if result won't fit / LIBSASL_API int sasl_encode64; Assume a scenario where calling code has been written in such a way that it calculates the exact size required for base64 encoding in advance, then allocates a buffer of that exact size, passing a pointer to the buffer into sasl_encode64 as out. As long as this code does not anticipate that the buffer is NUL-terminated the code will work and it will not be vulnerable. Once this patch is applied, that same code will break because sasl_encode64 will begin to return SASL_BUFOVER. For the oldstable distribution, this problem will be fixed soon. For the stable distribution, this problem has been fixed in version 2.1.22.dfsg1-23+lenny1 of cyrus-sasl2 and cyrus-sasl2-heimdal. For the testing distribution, this problem will be fixed soon. For the unstable distribution, this problem has been fixed in version 2.1.23.dfsg1-1 of cyrus-sasl2 and cyrus-sasl2-heimdal. We recommend that you upgrade your cyrus-sasl2/cyrus-sasl2-heimdal packages.
Family:	unix	Class:	patch
Reference(s):	DSA-1807-1 CVE-2009-0688	Version:	5
Platform(s):	Debian GNU/Linux 5.0	Product(s):	cyrus-sasl2 cyrus-sasl2-heimdal
Definition Synopsis:
Debian GNU/Linux 5.0 is installed Architecture section Architecture independent section Installed architecture is all AND cyrus-sasl2-doc DPKG is earlier than 2.1.22.dfsg1-23+lenny1 OR Architecture depended section Supported architectures section Installed architecture is s390 AND Installed architecture is amd64 AND Installed architecture is sparc AND Installed architecture is arm AND Installed architecture is i386 AND Installed architecture is armel AND Installed architecture is mips AND Installed architecture is ia64 AND Installed architecture is alpha AND Installed architecture is powerpc AND Installed architecture is mipsel AND Installed architecture is hppa AND Packages section libsasl2-2 DPKG is earlier than 2.1.22.dfsg1-23+lenny1 AND libsasl2-modules-gssapi-heimdal DPKG is earlier than 2.1.22.dfsg1-23+lenny1 AND cyrus-sasl2-heimdal-dbg DPKG is earlier than 2.1.22.dfsg1-23+lenny1 AND sasl2-bin DPKG is earlier than 2.1.22.dfsg1-23+lenny1 AND cyrus-sasl2-dbg DPKG is earlier than 2.1.22.dfsg1-23+lenny1 AND libsasl2-modules-gssapi-mit DPKG is earlier than 2.1.22.dfsg1-23+lenny1 AND libsasl2-dev DPKG is earlier than 2.1.22.dfsg1-23+lenny1 AND libsasl2-modules-sql DPKG is earlier than 2.1.22.dfsg1-23+lenny1 AND libsasl2-modules DPKG is earlier than 2.1.22.dfsg1-23+lenny1 AND libsasl2-modules-ldap DPKG is earlier than 2.1.22.dfsg1-23+lenny1 AND libsasl2-modules-otp DPKG is earlier than 2.1.22.dfsg1-23+lenny1

Definition Id: oval:org.mitre.oval:def:6513

Oval ID:	oval:org.mitre.oval:def:6513
Title:	Debian GNU/Linux 5.0 is installed
Description:	Debian GNU/Linux 5.0 (lenny) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:5.0	Version:	7
Platform(s):	Debian GNU/Linux 5.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 5.0 is installed
Referenced By:
oval:org.mitre.oval:def:13676

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0268s

Facebook rss twitter linkedin mail