BugTraq
[PLSN-0002] - Multiple vulnerabilities in Gaim Apr 21 2005 02:18PM
Peachtree Linux Security Team (security peachtree burdell org)
------------------------------------------------------------------------
---
Peachtree Linux Security Notice PLSN-0002
April 20, 2005

Multiple remote vulnerabilities in Gaim
CAN-2005-0965, CAN-2005-0966, CAN-2005-0967, CAN-2005-0208, CAN-2005-0473,
CAN-2005-0472
------------------------------------------------------------------------
---

The following Peachtree Linux releases are affected:

Peachtree Linux release 1 ("Atlanta")

Description:

CAN-2005-0965: The gaim_markup_strip_html function in Gaim 1.2.0, and
possibly earlier versions, allows remote attackers to cause a denial of
service (application crash) via a string that contains malformed HTML,
which causes an out-of-bounds read.

CAN-2005-0966: The IRC protocol plugin in Gaim 1.2.0, and possibly
earlier versions, allows (1) remote attackers to inject arbitrary Gaim
markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2)
remote attackers to inject arbitrary Pango markup and pop up empty
dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause
a denial of service (application crash) by injecting certain Pango
markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown,
irc_msg_nochan functions.

CAN-2005-0967: Gaim 1.2.0 allows remote attackers to cause a denial
of service (application crash) via a malformed file transfer request
to a Jabber user, which leads to an out-of-bounds read.

CAN-2005-0208: The HTML parsing functions in Gaim before 1.1.4 allow
remote attackers to cause a denial of service (application crash) via
malformed HTML that causes "an invalid memory access," a different
vulnerability than CAN-2005-0473.

CAN-2005-0473: The HTML parsing functions in Gaim before 1.1.3 allow
remote attackers to cause a denial of service (application crash) via
malformed HTML that causes "an invalid memory access," a different
vulnerability than CAN-2005-0208.

CAN-2005-0472: Gaim before 1.1.3 allows remote attackers to cause a
denial of service (infinite loop) via malformed SNAC packets from (1)
AIM or (2) ICQ.

Packages:

Download the updated gaim package for your release of Peachtree Linux
and your host architecture. The main updates site is:

http://peachtree.burdell.org/updates/

Updated packages available for Peachtree Linux release 1 ("Atlanta"):

alpha
4aadbdb96b4ce84d636bebc9a91cca26 gaim-1.2.1.alpha.dist

i386
5b00656d3f2bf2ce224ef8df96361d32 gaim-1.2.1.i686.dist

ppc
5378ffd8f0b31d3bb3fa40cded1429b0 gaim-1.2.1.ppc.dist

Solution:

Download the appropriate package for your release of Peachtree Linux.
Upgrade your system to the new package:

distadd -u packagename

Where packagename is the name of the package file from the list above.

After installation of the new package, kill any running gaim processes
and reload the application.

--
Peachtree Linux Security Team
http://peachtree.burdell.org/

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus