Red Hat Bugzilla – Bug 504207
CVE-2009-0688 cyrus-imapd uses sasl_encode64() improperly
Last modified: 2011-05-27 16:39:11 EDT
An issue was reported in how cyrus-sasl did not reliably terminate its output from the sasl_encode64() function. During an audit of programs that use sasl_encode64(), it was found that cyrus-imapd just allocates a large output buffer without any appropriate checks against the size of the input buffer. The strings in question are not used for anything odd; they are simply copied elsewhere. This means that we are going to see a crash, leaking some memory to the server, or auth failures.
More information on the issue as originally reported against cyrus-sasl (CVE-2009-0688) is available in bug #487251.
This issue has been addressed in following products:
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Via RHSA-2009:1116 https://rhn.redhat.com/errata/RHSA-2009-1116.html