Mandrake Security Advisory MDVSA-2009:113 (cyrus-sasl)

Summary
The remote host is missing an update to cyrus-sasl announced via advisory MDVSA-2009:113.
Solution
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:113
Insight
Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c (CVE-2009-0688). The updated packages have been patched to prevent this. Affected: 2008.1, 2009.0, 2009.1, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0