Vulnerabilities > Carnegie Mellon University > Cyrus Sasl > 1.5.24
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-05-15 | CVE-2009-0688 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Carnegie Mellon University Cyrus-Sasl Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c. | 7.5 |
2000-12-19 | CVE-2000-0956 | Unspecified vulnerability in Carnegie Mellon University Cyrus-Sasl 1.5.24 cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions. | 4.6 |