Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.51100
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2004:033
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2004:033.

Gaim is an instant messenger client that can handle multiple protocols.

Stefan Esser audited the Gaim source code and found a number of bugs that
have security implications. Due to the nature of instant messaging many of
these bugs require man-in-the-middle attacks between client and server.
However at least one of the buffer overflows could be exploited by an
attacker sending a carefully-constructed malicious message through a server.

The issues include:

Multiple buffer overflows that affect versions of Gaim 0.75 and earlier.
1) When parsing cookies in a Yahoo web connection, 2) YMSG protocol
overflows parsing the Yahoo login webpage, 3) a YMSG packet overflow, 4)
flaws in the URL parser, and 5) flaws in HTTP Proxy connect. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CVE-2004-0006 to these issues.

A buffer overflow in Gaim 0.74 and earlier in the Extract Info
Field Function used for MSN and YMSG protocol handlers. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-0007 to this issue.

An integer overflow in Gaim 0.74 and earlier, when allocating
memory for a directIM packet results in heap overflow.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-0008 to this issue.

All users of Gaim should upgrade to these erratum packages, which contain
backported security patches correcting these issues.

Red Hat would like to thank Steffan Esser for finding and reporting these
issues and Jacques A. Vidrine for providing initial patches.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2004-033.html

Risk factor : High

CVSS Score:
7.5

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2004-0006
BugTraq ID: 9489
http://www.securityfocus.com/bid/9489
Bugtraq: 20040126 Advisory 01/2004: 12 x Gaim remote overflows (Google Search)
http://marc.info/?l=bugtraq&m=107513690306318&w=2
Bugtraq: 20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code (Google Search)
http://marc.info/?l=bugtraq&m=107522432613022&w=2
CERT/CC vulnerability note: VU#297198
http://www.kb.cert.org/vuls/id/297198
CERT/CC vulnerability note: VU#371382
http://www.kb.cert.org/vuls/id/371382
CERT/CC vulnerability note: VU#444158
http://www.kb.cert.org/vuls/id/444158
CERT/CC vulnerability note: VU#503030
http://www.kb.cert.org/vuls/id/503030
CERT/CC vulnerability note: VU#527142
http://www.kb.cert.org/vuls/id/527142
CERT/CC vulnerability note: VU#871838
http://www.kb.cert.org/vuls/id/871838
Conectiva Linux advisory: CLA-2004:813
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000813
Debian Security Information: DSA-434 (Google Search)
http://www.debian.org/security/2004/dsa-434
http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html
http://security.gentoo.org/glsa/glsa-200401-04.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2004:006
http://security.e-matters.de/advisories/012004.html
http://www.osvdb.org/3731
http://www.osvdb.org/3732
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10222
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A818
http://www.redhat.com/support/errata/RHSA-2004-032.html
http://www.redhat.com/support/errata/RHSA-2004-033.html
http://www.redhat.com/support/errata/RHSA-2004-045.html
http://www.securitytracker.com/id?1008850
SGI Security Advisory: 20040201-01-U
ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc
SGI Security Advisory: 20040202-01-U
ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.361158
SuSE Security Announcement: SuSE-SA:2004:004 (Google Search)
http://www.novell.com/linux/security/advisories/2004_04_gaim.html
XForce ISS Database: gaim-http-proxy-bo(14947)
https://exchange.xforce.ibmcloud.com/vulnerabilities/14947
XForce ISS Database: gaim-login-name-bo(14940)
https://exchange.xforce.ibmcloud.com/vulnerabilities/14940
XForce ISS Database: gaim-login-value-bo(14941)
https://exchange.xforce.ibmcloud.com/vulnerabilities/14941
XForce ISS Database: gaim-urlparser-bo(14945)
https://exchange.xforce.ibmcloud.com/vulnerabilities/14945
XForce ISS Database: gaim-yahoopacketread-keyname-bo(14943)
https://exchange.xforce.ibmcloud.com/vulnerabilities/14943
XForce ISS Database: gaim-yahoowebpending-cookie-bo(14939)
https://exchange.xforce.ibmcloud.com/vulnerabilities/14939
Common Vulnerability Exposure (CVE) ID: CVE-2004-0007
CERT/CC vulnerability note: VU#197142
http://www.kb.cert.org/vuls/id/197142
http://www.osvdb.org/3733
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A819
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9906
http://www.securityfocus.com/advisories/6281
XForce ISS Database: gaim-extractinfo-bo(14946)
https://exchange.xforce.ibmcloud.com/vulnerabilities/14946
Common Vulnerability Exposure (CVE) ID: CVE-2004-0008
Bugtraq: 20040127 [slackware-security] GAIM security update (SSA:2004-026-01) (Google Search)
http://marc.info/?l=bugtraq&m=107522338611564&w=2
CERT/CC vulnerability note: VU#779614
http://www.kb.cert.org/vuls/id/779614
http://www.osvdb.org/3734
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A820
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9469
XForce ISS Database: gaim-directim-bo(14937)
https://exchange.xforce.ibmcloud.com/vulnerabilities/14937
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.