Info

Disclosure

Jan 27, 2004

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A remote overflow exists in Gaim. The URL Parser Function splits a URL into its parts using temporary fixed size stackbuffers in an unsafe way, resulting in a buffer overflow. With a specially crafted set of data, an attacker can overflow the buffer and possibly execute arbitrary code on the system, resulting in a loss of integrity. Note that it is only possible to overwrite the buffers with a limited character set which makes exploitation difficult.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Upgrade to version 0.76 when available. The FreeBSD security team has released an unoffcial patch which also corrects this vulnerability.

Products

Gaim

gaim

0.74

References

Other Solution URL: http://security.e-matters.de/patches/gaim-0.75-fix.diff
Secunia Advisory ID: 10705
ISS X-Force ID: 14945
CVE ID: 2004-0006 (see also: NVD)
Related OSVDB ID: 3730
Other Advisory URL: http://security.e-matters.de/advisories/012004.html
Vendor Specific Advisory URL: http://sourceforge.net/tracker/index.php?func=detail&aid=885370&group_id=235&atid=100235

Credit

e-matters - e-matters

Direct URL: http://osvdb.org/3731