Mandrake Linux Security Advisory : gaim (MDKSA-2004:006-1)

High severity, Nessus Plugin ID 14106

Synopsis

The remote Mandrake Linux host is missing one or more security updates.

Description

Stefan Esser discovered a number of vulnerabilities in the gaim instant messenger program, versions 0.75 and earlier. Thanks to Jacques A. Vidrine for providing initial patches.

Multiple buffer overflows exist in gaim 0.75 and earlier: an overflow when parsing cookies in a Yahoo web connection; YMSG protocol overflows when parsing the Yahoo login webpage; a YMSG packet overflow; flaws in the URL parser; and flaws in the HTTP Proxy connect (CAN-2004-0006).

A buffer overflow exists in gaim 0.74 and earlier in the Extract Info Field Function used for the MSN and YMSG protocol handlers (CAN-2004-0007).

An integer overflow in gaim 0.74 and earlier, when allocating memory for a directIM packet, results in a heap overflow (CVE-2004-0008).

Update:

The patch used to correct the problem was slightly malformed and could cause an infinite loop and crash with the Yahoo protocol. The new packages have a corrected patch that resolves the problem.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 14106

File Name: mandrake_MDKSA-2004-006.nasl

Version: 1.20

Type: local

Published: 7/31/2004

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:gaim, p-cpe:/a:mandriva:linux:gaim-encrypt, p-cpe:/a:mandriva:linux:gaim-festival, p-cpe:/a:mandriva:linux:gaim-perl, p-cpe:/a:mandriva:linux:lib64gaim-remote0, p-cpe:/a:mandriva:linux:lib64gaim-remote0-devel, p-cpe:/a:mandriva:linux:libgaim-remote0, p-cpe:/a:mandriva:linux:libgaim-remote0-devel, cpe:/o:mandrakesoft:mandrake_linux:9.1, cpe:/o:mandrakesoft:mandrake_linux:9.2

Required KB Items: Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list, Host/local_checks_enabled

Patch Publication Date: 1/30/2004

Reference Information

CVE: CVE-2004-0006, CVE-2004-0007, CVE-2004-0008

MDKSA: 2004:006-1