Filtered by vendor Carnegie Mellon University Subscriptions
Filtered by product Cyrus-sasl Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2009-0688 2 Carnegie Mellon University, Redhat 2 Cyrus-sasl, Enterprise Linux 2024-11-21 N/A
Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c.
CVE-2000-0956 1 Carnegie Mellon University 1 Cyrus-sasl 2024-11-21 N/A
cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions.