|Summary:||net-im/tmsnc <0.3.2-r1 UBX Stack-based buffer overflow (CVE-2008-2828)|
|Product:||Gentoo Security||Reporter:||Robert Buchholz (RETIRED) <rbu>|
|Component:||Vulnerabilities||Assignee:||Gentoo Security <security>|
|Package list:||Runtime testing required:||---|
|Bug Depends on:||240045|
Description Robert Buchholz (RETIRED) 2008-06-24 01:49:58 UTC
CVE-2008-2828 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2828): Stack-based buffer overflow in tmsnc allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an MSN packet with a UBX command containing a large UBX payload length field.
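The bug class described above, shown as a bounds-checked length parse and copy. This is an added example, not tmsnc's code and not the patch attached to this bug. The header form `UBX <account> <length>`, the 512-byte buffer size and the function names are assumptions made for illustration.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

#define UBX_MAX_PAYLOAD 512  /* assumed capacity of the receiver's fixed buffer */

/* Parse the decimal length field that ends a UBX header line (assumed form:
 * "UBX <account> <length>"). Returns 0 and stores the length, or -1 if the
 * field is missing, non-numeric, signed, out of range, or larger than the
 * destination buffer. */
int ubx_parse_length(const char *header, size_t *out_len)
{
    const char *field = strrchr(header, ' ');
    char *end;
    unsigned long n;

    if (strncmp(header, "UBX ", 4) != 0 || field == NULL)
        return -1;
    field++;
    if (*field < '0' || *field > '9')   /* rejects "", "-1", "+5" */
        return -1;
    errno = 0;
    n = strtoul(field, &end, 10);
    if (errno == ERANGE || (*end != '\0' && *end != '\r'))
        return -1;
    if (n > UBX_MAX_PAYLOAD)            /* bound the peer-supplied length */
        return -1;
    *out_len = (size_t)n;
    return 0;
}

/* Copy the payload that follows the header into a fixed-size buffer.
 * `avail` is the number of payload bytes actually received. Returns the
 * number of bytes copied, or -1 if the packet is rejected. */
int ubx_copy_payload(const char *header, const char *data, size_t avail,
                     char dst[UBX_MAX_PAYLOAD + 1])
{
    size_t len;

    if (ubx_parse_length(header, &len) != 0)
        return -1;
    if (len > avail)                    /* declared length exceeds received data */
        return -1;
    memcpy(dst, data, len);
    dst[len] = '\0';
    return (int)len;
}
```

The length is validated against both the destination capacity and the amount of data received before any copy happens, so an oversized length field is rejected instead of driving the copy.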
Comment 1 Pierre-Yves Rofes (RETIRED) 2008-07-06 21:25:22 UTC
Created attachment 159737
tmsnc-UBX-buffer-overflow-CVE-2008-2828

Here's the patch from Nico Golde. net-im, please bump as necessary.
Comment 2 Pierre-Yves Rofes (RETIRED) 2008-07-21 20:25:01 UTC
(In reply to comment #1)
> Created an attachment (id=159737)
> tmsnc-UBX-buffer-overflow-CVE-2008-2828
>
> here's the patch from Nico Golde. net-im, please bump as necessary.

*ping*
Comment 3 Robert Buchholz (RETIRED) 2008-10-04 19:05:58 UTC
+*tmsnc-0.3.2-r1 (04 Oct 2008) + + 04 Oct 2008; Robert Buchholz <email@example.com> + +files/tmsnc-UBX-buffer-overflow-CVE-2008-2828.patch, + +tmsnc-0.3.2-r1.ebuild: + Fix stack based buffer overflow (security bug #229157) +
Comment 4 Robert Buchholz (RETIRED) 2008-10-04 19:10:27 UTC
Arches, please test and mark stable:
=net-im/tmsnc-0.3.2-r1
Target keywords : "amd64 hppa ppc x86"
Comment 5 Jeroen Roovers (RETIRED) 2008-10-05 17:31:28 UTC
Hmm, I get "The protocols doesn't match"[sic] during login. Any ideas?
Comment 6 Stefan Behte (RETIRED) 2008-10-05 18:09:54 UTC
In June/July there has been a protocol change in ICQ, all ICQ clients were affected. tmsnc is discontinued, their SVN tree (http://tmsnc.svn.sourceforge.net/viewvc/tmsnc/so) is 2 years old. If 0.3.2 does not work anymore, it's very likely we won't get a fix.

Proposed solutions:
a) we fix it
b) remove it from the tree

Also see: http://forums.gentoo.org/viewtopic-t-698545-highlight-licq.html
Comment 7 Robert Buchholz (RETIRED) 2008-10-05 18:22:47 UTC
I guess I should have tried more than a program startup. I'm removing arches, let's remove this.
Comment 8 Olivier Crete (RETIRED) 2009-03-01 21:04:18 UTC
gone from the tree
Comment 9 Robert Buchholz (RETIRED) 2009-03-02 16:11:28 UTC
glsa still to be sent
Comment 10 Robert Buchholz (RETIRED) 2009-03-12 14:03:17 UTC