Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 299751 (CVE-2010-0013) - <net-im/pidgin-2.6.5: msn arbitrary file retrieval (CVE-2010-0013)
Summary: <net-im/pidgin-2.6.5: msn arbitrary file retrieval (CVE-2010-0013)
Status: RESOLVED FIXED
Alias: CVE-2010-0013
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All All
: High minor (vote)
Assignee: Gentoo Security
URL: http://developer.pidgin.im/viewmtn/re...
Whiteboard: B3 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2010-01-05 13:21 UTC by cnu
Modified: 2012-06-21 18:29 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description cnu 2010-01-05 13:21:55 UTC
http://seclists.org/oss-sec/2010/q1/0
http://xorl.wordpress.com/2010/01/01/pidgin-msn-slp-emoticon-directory-traversal/

Seems like people can steal my files or something..oh noes.

Reproducible: Always
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2010-01-06 18:35:26 UTC
2.6.4 does not have the fix, there is no new release yet.
Patch in $URL, please provide a patched ebuild.
Comment 2 Mr. B 2010-01-09 13:24:48 UTC
2.6.5 was released yesterday with a fix - might be an idea to bump pronto.
Comment 3 Olivier Crete (RETIRED) gentoo-dev 2010-01-10 06:44:24 UTC
Version 2.6.5 fixes the problem, please stabilize
Comment 4 Christian Faulhammer (RETIRED) gentoo-dev 2010-01-10 11:54:37 UTC
x86 stable
Comment 5 Jeroen Roovers (RETIRED) gentoo-dev 2010-01-12 18:04:23 UTC
Stable for HPPA.
Comment 6 Peter Volkov (RETIRED) gentoo-dev 2010-01-13 10:48:55 UTC
BTW, note that 2.6.5 seems to have regression:
http://developer.pidgin.im/ticket/11142
Comment 7 Tobias Klausmann gentoo-dev 2010-01-16 10:58:39 UTC
Stable on alpha.
Comment 8 Peter Volkov (RETIRED) gentoo-dev 2010-01-19 08:24:16 UTC
(In reply to comment #6)
> BTW, note that 2.6.5 seems to have regression:
> http://developer.pidgin.im/ticket/11142

Well, actually this was not regression and this had something to do with changes on ICQ servers. Currently it looks like changes were reverted and everything should just work.

Comment 9 nixnut (RETIRED) gentoo-dev 2010-01-19 18:11:10 UTC
ppc stable
Comment 10 Markus Meier gentoo-dev 2010-02-03 20:29:14 UTC
amd64 stable, all arches done.
Comment 11 Stefan Behte (RETIRED) gentoo-dev Security 2010-02-06 15:57:21 UTC
GLSA vote: yes.
Comment 12 Tobias Heinlein (RETIRED) gentoo-dev 2010-02-18 21:45:13 UTC
YES too, request filed.
Comment 13 Tobias Heinlein (RETIRED) gentoo-dev 2010-02-28 22:11:40 UTC
CVE-2010-0013 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0013):
  Directory traversal vulnerability in slp.c in the MSN protocol plugin
  in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers
  to read arbitrary files via a .. (dot dot) in an
  application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a
  related issue to CVE-2004-0122.  NOTE: it could be argued that this
  is resultant from a vulnerability in which an emoticon download
  request is processed even without a preceding text/x-mms-emoticon
  message that announced availability of the emoticon.

Comment 14 GLSAMaker/CVETool Bot gentoo-dev 2012-06-21 18:29:00 UTC
This issue was resolved and addressed in
 GLSA 201206-11 at http://security.gentoo.org/glsa/glsa-201206-11.xml
by GLSA coordinator Stefan Behte (craig).