JVN/CVE Demo: Cveinfos

CVE

Id: 38123
CVE No.: CVE-2009-0688
Status: Candidate
Description: Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c.
Phase: Assigned (20090222)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
414525	38123	CVE-2009-0688	CONFIRM:ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.23.tar.gz	View
414526	38123	CVE-2009-0688	CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2009-184.htm	View
414527	38123	CVE-2009-0688	CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0091	View
414528	38123	CVE-2009-0688	CONFIRM:http://support.apple.com/kb/HT4077	View
414529	38123	CVE-2009-0688	CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html	View
414530	38123	CVE-2009-0688	APPLE:APPLE-SA-2010-03-29-1	View
414531	38123	CVE-2009-0688	URL:http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html	View
414532	38123	CVE-2009-0688	DEBIAN:DSA-1807	View
414533	38123	CVE-2009-0688	URL:http://www.debian.org/security/2009/dsa-1807	View
414534	38123	CVE-2009-0688	GENTOO:GLSA-200907-09	View
414535	38123	CVE-2009-0688	URL:http://security.gentoo.org/glsa/glsa-200907-09.xml	View
414536	38123	CVE-2009-0688	MANDRIVA:MDVSA-2009:113	View
414537	38123	CVE-2009-0688	URL:http://www.mandriva.com/security/advisories?name=MDVSA-2009:113	View
414538	38123	CVE-2009-0688	REDHAT:RHSA-2009:1116	View
414539	38123	CVE-2009-0688	URL:http://www.redhat.com/support/errata/RHSA-2009-1116.html	View
414540	38123	CVE-2009-0688	SLACKWARE:SSA:2009-134-01	View
414541	38123	CVE-2009-0688	URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.448834	View
414542	38123	CVE-2009-0688	SUNALERT:259148	View
414543	38123	CVE-2009-0688	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-66-259148-1	View
414544	38123	CVE-2009-0688	SUNALERT:264248	View
414545	38123	CVE-2009-0688	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-66-264248-1	View
414546	38123	CVE-2009-0688	SUNALERT:273910	View
414547	38123	CVE-2009-0688	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-66-273910-1	View
414548	38123	CVE-2009-0688	SUNALERT:1020755	View
414549	38123	CVE-2009-0688	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020755.1-1	View
414550	38123	CVE-2009-0688	SUNALERT:1021699	View
414551	38123	CVE-2009-0688	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021699.1-1	View
414552	38123	CVE-2009-0688	SUSE:SUSE-SR:2009:011	View
414553	38123	CVE-2009-0688	URL:http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html	View
414554	38123	CVE-2009-0688	UBUNTU:USN-790-1	View
414555	38123	CVE-2009-0688	URL:http://www.ubuntu.com/usn/usn-790-1	View
414556	38123	CVE-2009-0688	CERT:TA10-103B	View
414557	38123	CVE-2009-0688	URL:http://www.us-cert.gov/cas/techalerts/TA10-103B.html	View
414558	38123	CVE-2009-0688	CERT-VN:VU#238019	View
414559	38123	CVE-2009-0688	URL:http://www.kb.cert.org/vuls/id/238019	View
414560	38123	CVE-2009-0688	BID:34961	View
414561	38123	CVE-2009-0688	URL:http://www.securityfocus.com/bid/34961	View
414562	38123	CVE-2009-0688	OSVDB:54514	View
414563	38123	CVE-2009-0688	URL:http://osvdb.org/54514	View
414564	38123	CVE-2009-0688	OSVDB:54515	View
414565	38123	CVE-2009-0688	URL:http://osvdb.org/54515	View
414566	38123	CVE-2009-0688	OVAL:oval:org.mitre.oval:def:10687	View
414567	38123	CVE-2009-0688	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10687	View
414568	38123	CVE-2009-0688	OVAL:oval:org.mitre.oval:def:6136	View
414569	38123	CVE-2009-0688	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6136	View
414570	38123	CVE-2009-0688	SECTRACK:1022231	View
414571	38123	CVE-2009-0688	URL:http://www.securitytracker.com/id?1022231	View
414572	38123	CVE-2009-0688	SECUNIA:35094	View
414573	38123	CVE-2009-0688	URL:http://secunia.com/advisories/35094	View
414574	38123	CVE-2009-0688	SECUNIA:35097	View
414575	38123	CVE-2009-0688	URL:http://secunia.com/advisories/35097	View
414576	38123	CVE-2009-0688	SECUNIA:35102	View
414577	38123	CVE-2009-0688	URL:http://secunia.com/advisories/35102	View
414578	38123	CVE-2009-0688	SECUNIA:35206	View
414579	38123	CVE-2009-0688	URL:http://secunia.com/advisories/35206	View
414580	38123	CVE-2009-0688	SECUNIA:35239	View
414581	38123	CVE-2009-0688	URL:http://secunia.com/advisories/35239	View
414582	38123	CVE-2009-0688	SECUNIA:35321	View
414583	38123	CVE-2009-0688	URL:http://secunia.com/advisories/35321	View
414584	38123	CVE-2009-0688	SECUNIA:35416	View
414585	38123	CVE-2009-0688	URL:http://secunia.com/advisories/35416	View
414586	38123	CVE-2009-0688	SECUNIA:35497	View
414587	38123	CVE-2009-0688	URL:http://secunia.com/advisories/35497	View
414588	38123	CVE-2009-0688	SECUNIA:35746	View
414589	38123	CVE-2009-0688	URL:http://secunia.com/advisories/35746	View
414590	38123	CVE-2009-0688	SECUNIA:39428	View
414591	38123	CVE-2009-0688	URL:http://secunia.com/advisories/39428	View
414592	38123	CVE-2009-0688	VUPEN:ADV-2009-1313	View
414593	38123	CVE-2009-0688	URL:http://www.vupen.com/english/advisories/2009/1313	View
414594	38123	CVE-2009-0688	VUPEN:ADV-2009-2012	View
414595	38123	CVE-2009-0688	URL:http://www.vupen.com/english/advisories/2009/2012	View
414596	38123	CVE-2009-0688	XF:solaris-sasl-saslencode64-bo(50554)	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
40913	JVNDB-2009-001919	ISC DHCP dhclient におけるバッファオーバーフローの脆弱性	ISC DHCP dhclient には、バッファオーバーフローの脆弱性が存在します。	CVE-2009-0692	38123	10		http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001919.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.37 MB
View render complete	2.89 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.02
Event: Controller.initialize	0.02
Event: Controller.startup	0.07
Controller action	431.33
Event: Controller.beforeRender	6.14
» Processing toolbar data	6.03
Rendering View	22.51
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	21.22
» Event: View.afterRender	0.03
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.75
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.14
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/38123
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/38123
Remote Port	34979
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.173
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.3.25.50
Http Via	1.1 squid-proxy-5b5d847c96-mtcd4 (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.173
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.173
Unique Id	aMPCPUaqJD-E1_v6-hvsRAAAAas
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.173
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.173
Redirect Unique Id	aMPCPUaqJD-E1_v6-hvsRAAAAas
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.173
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.173
Redirect Redirect Unique Id	aMPCPUaqJD-E1_v6-hvsRAAAAas
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1757659709.9492
Request Time	1757659709

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files