Carnegie Mellon University Cyrus-Sasl vulnerabilities
2 known vulnerabilities affecting carnegie_mellon_university/cyrus-sasl.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2009-0688HIGHCVSS 7.5≤ 2.1.22v1.4.1+44 more2009-05-15
CVE-2009-0688 [HIGH] CWE-119 CVE-2009-0688: Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers t
Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c.
nvd
CVE-2000-0956MEDIUMCVSS 4.6v1.5.242000-12-19
CVE-2000-0956 [MEDIUM] CVE-2000-0956: cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local
cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions.
nvd