Re: [Gaim-devel] [Fwd: [ GLSA 200408-27 ] Gaim: New vulnerabilities]

[Matthew K. <kel...@po...>]

Yeah, I cited it, as did they. :)

On Sat, 2004-08-28 at 10:40, Luke Schierer wrote:
> see gaim.sf.net/security
> 
> luke
> 
> On Sat, Aug 28, 2004 at 10:25:19AM -0400, Matthew Keller wrote:
> > >>From Bugtraq: Versions >=0.82 are fixed... Not that anyone hesitates to
> > upgrade. Kudos to the new (to me at least) Gaim security site referenced
> > at http://gaim.sourceforge.net/security/
> > 
> > -----Forwarded Message-----
> > From: Sune Kloppenborg Jeppesen <jae...@ge...>
> > To: gen...@ge...
> > Cc: bu...@se..., ful...@li..., sec...@li...
> > Subject: [ GLSA 200408-27 ] Gaim: New vulnerabilities
> > Date: Fri, 27 Aug 2004 20:52:43 +0200
> > 
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> > 
> > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> > Gentoo Linux Security Advisory                           GLSA 200408-27
> > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> >                                             http://security.gentoo.org/
> > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> > 
> >   Severity: Normal
> >      Title: Gaim: New vulnerabilities
> >       Date: August 27, 2004
> >       Bugs: #61457
> >         ID: 200408-27
> > 
> > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> > 
> > Synopsis
> > ========
> > 
> > Gaim contains several security issues that might allow an attacker to
> > execute arbitrary code or commands.
> > 
> > Background
> > ==========
> > 
> > Gaim is a multi-protocol instant messaging client for Linux which
> > supports many instant messaging protocols.
> > 
> > Affected packages
> > =================
> > 
> >     -------------------------------------------------------------------
> >      Package      /  Vulnerable  /                          Unaffected
> >     -------------------------------------------------------------------
> >   1  net-im/gaim      < 0.81-r5                             >= 0.81-r5
> > 
> > Description
> > ===========
> > 
> > Gaim fails to do proper bounds checking when:
> > 
> > * Handling MSN messages (partially fixed with GLSA 200408-12).
> > 
> > * Handling rich text format messages.
> > 
> > * Resolving local hostname.
> > 
> > * Receiving long URLs.
> > 
> > * Handling groupware messages.
> > 
> > * Allocating memory for webpages with fake content-length header.
> > 
> > Furthermore Gaim fails to escape filenames when using drag and drop
> > installation of smiley themes.
> > 
> > Impact
> > ======
> > 
> > These vulnerabilites could allow an attacker to crash Gaim or execute
> > arbitrary code or commands with the permissions of the user running
> > Gaim.
> > 
> > Workaround
> > ==========
> > 
> > There is no known workaround at this time. All users are encouraged to
> > upgrade to the latest available version of Gaim.
> > 
> > Resolution
> > ==========
> > 
> > All gaim users should upgrade to the latest version:
> > 
> >     # emerge sync
> > 
> >     # emerge -pv ">=net-im/gaim-0.81-r5"
> >     # emerge ">=net-im/gaim-0.81-r5"
> > 
> > References
> > ==========
> > 
> >   [ 1 ] Gaim security issues
> >         http://gaim.sourceforge.net/security/index.php
> > 
> > Availability
> > ============
> > 
> > This GLSA and any updates to it are available for viewing at
> > the Gentoo Security Website:
> > 
> >   http://security.gentoo.org/glsa/glsa-200408-27.xml
> > 
> > Concerns?
> > =========
> > 
> > Security is a primary focus of Gentoo Linux and ensuring the
> > confidentiality and security of our users machines is of utmost
> > importance to us. Any security concerns should be addressed to
> > sec...@ge... or alternatively, you may file a bug at
> > http://bugs.gentoo.org.
> > 
> > License
> > =======
> > 
> > Copyright 2004 Gentoo Foundation, Inc; referenced text
> > belongs to its owner(s).
> > 
> > The contents of this document are licensed under the
> > Creative Commons - Attribution / Share Alike license.
> > 
> > http://creativecommons.org/licenses/by-sa/1.0
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.2.4 (GNU/Linux)
> > 
> > iD8DBQFBL4L7zKC5hMHO6rkRAiTcAJ9qjmLs0yaTCLN2WvTv59oVJwDTagCgjJdC
> > fgR31dIfTwjGmgwD6PFQ8bk=
> > =TkqR
> > -----END PGP SIGNATURE-----
> > -- 
> > Matthew Keller
> > signat-url: http://mattwork.potsdam.edu/signat-url/
> > "No one ever says, 'I can't read that ASCII E-mail you sent me.'"
> > 
> > 
> > 
> > -------------------------------------------------------
> > This SF.Net email is sponsored by BEA Weblogic Workshop
> > FREE Java Enterprise J2EE developer tools!
> > Get your free copy of BEA WebLogic Workshop 8.1 today.
> > http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click
> > _______________________________________________
> > Gaim-devel mailing list
> > Gai...@li...
> > https://lists.sourceforge.net/lists/listinfo/gaim-devel
-- 
Matthew Keller
signat-url: http://mattwork.potsdam.edu/signat-url/
"No one ever says, 'I can't read that ASCII E-mail you sent me.'"