|Summary:||net-im/gaim MSN Protocol Parsing Function Multiple Overflows|
|Product:||Gentoo Security||Reporter:||Sune Kloppenborg Jeppesen <jaervosz>|
|Component:||Vulnerabilities||Assignee:||Gentoo Security <security>|
|Package list:||Runtime testing required:||---|
Description Sune Kloppenborg Jeppesen 2004-08-11 00:13:54 UTC
Gaim contains several remote overflows related to the MSN-protocol parsing functions that may allow remote code execution. No further details have been provided.
Comment 1 Sune Kloppenborg Jeppesen 2004-08-11 00:18:07 UTC
Unclear if this is fixed in gaim-0.81.
Comment 2 Chris White (RETIRED) 2004-08-11 00:27:03 UTC
Created attachment 37199 [details] Rats log for assessing the security issues. Here's a rats log which might help in addressing the security issue. There appears to be a lot of High ranking bugs in it. I'll take a look and see.
Comment 3 Don Seiler (RETIRED) 2004-08-11 06:43:17 UTC
I'll ask upstream and report back.
Comment 4 Don Seiler (RETIRED) 2004-08-11 07:17:41 UTC
Chris did you run RATS against the 0.81 package?
Comment 5 Don Seiler (RETIRED) 2004-08-11 12:32:46 UTC
Upstream identified potential exploits from SuSE, one had already been fixed, other is patched in their CVS and now in net-im/gaim-0.81-r1, just committed to portage.
Comment 6 Don Seiler (RETIRED) 2004-08-11 12:35:33 UTC
Thinking about ARCH vs ~ARCH, right now 0.80 is stable on all. I was going to start pushing 0.81 later this week. Should make that push for what I presume will be a GLSA or do you want me to backport the fix to 0.80 as well? I'd rather see users moved to 0.81 for the bug fixes anyway. Let me know what you guys think.
Comment 7 Don Seiler (RETIRED) 2004-08-11 12:55:47 UTC
Stable on x86. Other arches can you please push this through to stable for a security fix?
Comment 8 Don Seiler (RETIRED) 2004-08-11 12:58:26 UTC
By "this" I mean net-im/gaim-0.81-r1.
Comment 9 Don Seiler (RETIRED) 2004-08-11 14:34:48 UTC
lv marked stable on amd64
Comment 10 Sune Kloppenborg Jeppesen 2004-08-11 14:56:21 UTC
rizzo thanks for the swift reaction.
Comment 11 Jochen Maes (RETIRED) 2004-08-12 00:40:25 UTC
i'm testing this on ppc
Comment 12 Jochen Maes (RETIRED) 2004-08-12 04:41:25 UTC
Don't know if it's normal but i can't login: account: Connecting to account 0x10186408. gc = 0x1037b1f8 connection: Connecting. gc = 0x1037b1f8 connection: Calling serv_login server: gaim 0.81 logging in firstname.lastname@example.org using MSN dns: Successfully sent DNS request to child 26777 dns: Host 'messenger.hotmail.com' resolved proxy: Connecting to messenger.hotmail.com:1863 with no proxy proxy: Connect would have blocked. proxy: Connected. account: Disconnecting account 0x10186408 connection: Disconnecting connection 0x1037b1f8 blist: Destroying connection: Destroying connection 0x1037b1f8 accounts: Writing accounts to disk.
Comment 13 Jochen Maes (RETIRED) 2004-08-12 04:44:53 UTC
just got to logging in, added stable
Comment 14 Guy Martin (RETIRED) 2004-08-12 05:16:33 UTC
Stable on hppa.
Comment 15 Gustavo Zacarias (RETIRED) 2004-08-12 05:42:56 UTC
Comment 16 Sune Kloppenborg Jeppesen 2004-08-12 09:07:47 UTC
GLSA drafted security please review
Comment 17 Sune Kloppenborg Jeppesen 2004-08-12 14:01:52 UTC
GLSA 200408-12. alpha ia64 mips remember to mark stable to benifit from GLSA.
Comment 18 Bryan Østergaard (RETIRED) 2004-08-12 15:15:28 UTC
Stable on alpha.
Comment 19 Stephen Becker (RETIRED) 2004-08-14 20:49:23 UTC
stable on mips