Info

Disclosure

Jan 27, 2004

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A remote overflow exists in Gaim. The Extract Info Field Function combines data from two tokens into a fixed-length stack buffer without properly checking the size of the resulting string, resulting in a buffer overflow. With a specially crafted set of data, an attacker can overflow the buffer and possibly execute arbitrary code on the system, resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unknown
OSVDB: Concern

Solution

Upgrade to version 0.76 or higher, as it has been reported to fix this vulnerability. The FreeBSD security team has released an unoffcial patch which also corrects this vulnerability.

Products

Sourceforge.net

gaim

0.74

References

Other Solution URL: http://security.e-matters.de/patches/gaim-0.75-fix.diff
Secunia Advisory ID: 10705
ISS X-Force ID: 14946
CVE ID: 2004-0007 (see also: NVD)
Related OSVDB ID: 3730 3731 3732
Other Advisory URL: http://security.e-matters.de/advisories/012004.html
Vendor Specific Advisory URL: http://sourceforge.net/tracker/index.php?func=detail&aid=885370&group_id=235&atid=100235

Credit

e-matters - e-matters

Direct URL: http://osvdb.org/3733