Info

Disclosure

Jan 27, 2004

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A remote overflow exists in Gaim. The HTTP proxy (http_canread function) subsystem fails to check if the proxy sends more than 8192 bytes in a line, resulting in a buffer overflow. With a malicious proxy sending specially crafted input, an attacker can overwrite the buffer and gain control of the instruction pointer resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Upgrade to version 0.76 when available. The FreeBSD security team has released an unoffcial patch which also corrects this vulnerability.

Products

Gaim

gaim

0.74

References

Other Solution URL: http://security.e-matters.de/patches/gaim-0.75-fix.diff
Secunia Advisory ID: 10705
ISS X-Force ID: 14947
CVE ID: 2004-0006 (see also: NVD)
Related OSVDB ID: 3730 3731
Other Advisory URL: http://security.e-matters.de/advisories/012004.html
Vendor Specific Advisory URL: http://sourceforge.net/tracker/index.php?func=detail&aid=885370&group_id=235&atid=100235

Credit

e-matters - e-matters

Direct URL: http://osvdb.org/3732