Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Beta Programs
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
Back to list
|
Post reply
Pidgin 2.4.1 Vulnerability
Jun 26 2008 04:15AM
jplopezy gmail com
Application: Pidgin 2.4.1
OS: Linux - Ubuntu 8.04
------------------------------------------------------
1 - Description
2 - Vulnerability
3 - POC/EXPLOIT
------------------------------------------------------
Description
Pidgin is an instant messaging program with which you can use a number of protocols known as (MSN, ICQ, AIM).
While there is Pidgin 2.4.2 version which was not provided in this version so I could not say whether it was also vulnerable.
------------------------------------------------------
Vulnerability
The vulnerability works sending files with the protocol msn (I did not test at all protocols),
if a file is sent with a long name and special characters and this causes the program to break.
If we analyze the vulnerability with a debugger you can see a flaw in the following function
0xb62abaeb in msn_slplink_process_msg
According with the characters used, the fault may vary in other functions.
------------------------------------------------------
POC/EXPLOIT
For proof of the concept you should create a file either (never mind the extension) with the maximum allowable characters,
with the following characteristics.
ASCII = (‣ ․ ‥ ? )
HEX = ( 26 23 38 32 32 37 3b 20 26 23 38 32 32 38 3b 20 26 23 38 32 32 39 3b 20 85 )
------------------------------------------------------
Juan Pablo Lopez Yacubian
[ reply ]
Privacy Statement
Copyright 2008, SecurityFocus
Application: Pidgin 2.4.1
OS: Linux - Ubuntu 8.04
------------------------------------------------------
1 - Description
2 - Vulnerability
3 - POC/EXPLOIT
------------------------------------------------------
Description
Pidgin is an instant messaging program with which you can use a number of protocols known as (MSN, ICQ, AIM).
While there is Pidgin 2.4.2 version which was not provided in this version so I could not say whether it was also vulnerable.
------------------------------------------------------
Vulnerability
The vulnerability works sending files with the protocol msn (I did not test at all protocols),
if a file is sent with a long name and special characters and this causes the program to break.
If we analyze the vulnerability with a debugger you can see a flaw in the following function
0xb62abaeb in msn_slplink_process_msg
According with the characters used, the fault may vary in other functions.
------------------------------------------------------
POC/EXPLOIT
For proof of the concept you should create a file either (never mind the extension) with the maximum allowable characters,
with the following characteristics.
ASCII = (‣ ․ ‥ ? )
HEX = ( 26 23 38 32 32 37 3b 20 26 23 38 32 32 38 3b 20 26 23 38 32 32 39 3b 20 85 )
------------------------------------------------------
Juan Pablo Lopez Yacubian
[ reply ]