[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20050421141845.GB13292@kevlar.burdell.org>
Date: Thu, 21 Apr 2005 10:18:45 -0400
From: Peachtree Linux Security Team <security@...chtree.burdell.org>
To: bugtraq@...urityfocus.com
Subject: [PLSN-0002] - Multiple vulnerabilities in Gaim
---------------------------------------------------------------------------
Peachtree Linux Security Notice PLSN-0002
April 20, 2005
Multiple remote vulnerabilities in Gaim
CAN-2005-0965, CAN-2005-0966, CAN-2005-0967, CAN-2005-0208, CAN-2005-0473,
CAN-2005-0472
---------------------------------------------------------------------------
The following Peachtree Linux releases are affected:
Peachtree Linux release 1 ("Atlanta")
Description:
CAN-2005-0965: The gaim_markup_strip_html function in Gaim 1.2.0, and
possibly earlier versions, allows remote attackers to cause a denial of
service (application crash) via a string that contains malformed HTML,
which causes an out-of-bounds read.
CAN-2005-0966: The IRC protocol plugin in Gaim 1.2.0, and possibly
earlier versions, allows (1) remote attackers to inject arbitrary Gaim
markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2)
remote attackers to inject arbitrary Pango markup and pop up empty
dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause
a denial of service (application crash) by injecting certain Pango
markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown,
irc_msg_nochan functions.
CAN-2005-0967: Gaim 1.2.0 allows remote attackers to cause a denial
of service (application crash) via a malformed file transfer request
to a Jabber user, which leads to an out-of-bounds read.
CAN-2005-0208: The HTML parsing functions in Gaim before 1.1.4 allow
remote attackers to cause a denial of service (application crash) via
malformed HTML that causes "an invalid memory access," a different
vulnerability than CAN-2005-0473.
CAN-2005-0473: The HTML parsing functions in Gaim before 1.1.3 allow
remote attackers to cause a denial of service (application crash) via
malformed HTML that causes "an invalid memory access," a different
vulnerability than CAN-2005-0208.
CAN-2005-0472: Gaim before 1.1.3 allows remote attackers to cause a
denial of service (infinite loop) via malformed SNAC packets from (1)
AIM or (2) ICQ.
Packages:
Download the updated gaim package for your release of Peachtree Linux
and your host architecture. The main updates site is:
http://peachtree.burdell.org/updates/
Updated packages available for Peachtree Linux release 1 ("Atlanta"):
alpha
4aadbdb96b4ce84d636bebc9a91cca26 gaim-1.2.1.alpha.dist
i386
5b00656d3f2bf2ce224ef8df96361d32 gaim-1.2.1.i686.dist
ppc
5378ffd8f0b31d3bb3fa40cded1429b0 gaim-1.2.1.ppc.dist
Solution:
Download the appropriate package for your release of Peachtree Linux.
Upgrade your system to the new package:
distadd -u packagename
Where packagename is the name of the package file from the list above.
After installation of the new package, kill any running gaim processes
and reload the application.
--
Peachtree Linux Security Team
http://peachtree.burdell.org/
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists