Cyrus SASL Multiple Remote And Local Vulnerabilities

Cyrus SASL is affected by multiple critical vulnerabilities that may be remotely exploitable. The first issue is due to a boundary condition error, the second issue is due to a failure of the application to properly handle environment variables.

Information currently available regarding these issues is insufficient to provide a more detailed analysis. This BID will be updated and split into separate BIDs when more information becomes available.

An attacker can leverage the boundary condition issue to exploit arbitrary code on the affected computer. The impact of the environment variable issue is currently unknown.


Privacy Statement
Copyright 2010, SecurityFocus