Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Gaim vulnerabilities
Informations
Name USN-168-1 First vendor Publication 2005-08-12
Vendor Ubuntu Last vendor Modification 2005-08-12
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

gaim

The problem can be corrected by upgrading the affected package to version 1:1.0.0-1ubuntu1.8 (for Ubuntu 4.10), or 1:1.1.4-1ubuntu4.4 (for Ubuntu 5.04). After performing a standard system upgrade you need to restart Gaim to effect the necessary changes.

Details follow:

Daniel Atallah discovered a Denial of Service vulnerability in the file transfer handler of OSCAR (the module that handles various instant messaging protocols like ICQ). A remote attacker could crash the Gaim client of an user by attempting to send him a file with a name that contains invalid UTF-8 characters. (CAN-2005-2102)

It was found that specially crafted "away" messages triggered a buffer overflow. A remote attacker could exploit this to crash the Gaim client or possibly even execute arbitrary code with the permissions of the Gaim user. (CAN-2005-2103)

Szymon Zygmunt and Michał Bartoszkiewicz discovered a memory alignment error in the Gadu library, which was fixed in USN-162-1. However, it was discovered that Gaim contains a copy of the vulnerable code. By sending specially crafted messages over the Gadu protocol, a remote attacker could crash Gaim. (CAN-2005-2370)

Original Source

Url : http://www.ubuntu.com/usn/USN-168-1

CAPEC : Common Attack Pattern Enumeration & Classification

Id Name
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-100 Overflow Buffers
CAPEC-123 Buffer Attacks

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-399 Resource Management Errors
50 % CWE-131 Incorrect Calculation of Buffer Size (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10456
 
Oval ID: oval:org.mitre.oval:def:10456
Title: Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message.
Description: Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message.
Family: unix Class: vulnerability
Reference(s): CVE-2005-2370
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11477
 
Oval ID: oval:org.mitre.oval:def:11477
Title: Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n.
Description: Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n.
Family: unix Class: vulnerability
Reference(s): CVE-2005-2103
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9283
 
Oval ID: oval:org.mitre.oval:def:9283
Title: The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters.
Description: The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters.
Family: unix Class: vulnerability
Reference(s): CVE-2005-2102
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 7
Application 2
Application 52

OpenVAS Exploits

Date Description
2008-09-24 Name : Gentoo Security Advisory GLSA 200508-06 (Gaim)
File : nvt/glsa_200508_06.nasl
2008-09-04 Name : FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim
File : nvt/freebsd_gaim16.nasl
2008-09-04 Name : FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim
File : nvt/freebsd_gaim17.nasl
2008-09-04 Name : FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim
File : nvt/freebsd_gaim18.nasl
2008-01-17 Name : Debian Security Advisory DSA 1318-1 (ekg)
File : nvt/deb_1318_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 769-1 (gaim)
File : nvt/deb_769_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 813-1 (centericq)
File : nvt/deb_813_1.nasl
0000-00-00 Name : Slackware Advisory SSA:2005-242-03 gaim
File : nvt/esoft_slk_ssa_2005_242_03.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
18669 Gaim Away Message Processing Remote Overflow

A remote overflow exists in gaim. The program fails to validate away messages resulting in a buffer overflow. With a specially crafted away message, an attacker can cause arbitrary code execution resulting in a loss of integrity.
18668 Gaim Non-utf8 Invalid Filename Remote DoS

Gaim contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker attempts to send a file with non-utf8 characters, and will result in loss of availability for the program.
18126 libgadu on SPARC Incoming Message Memory Alignment Error

Snort® IPS/IDS

Date Description
2014-01-10 AOL GAIM AIM-ICQ Protocol Handling buffer overflow attempt
RuleID : 17357 - Revision : 9 - Type : PUA-OTHER

Nessus® Vulnerability Scanner

Date Description
2012-01-12 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-773.nasl - Type : ACT_GATHER_INFO
2007-06-27 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1318.nasl - Type : ACT_GATHER_INFO
2006-07-05 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2005-639.nasl - Type : ACT_GATHER_INFO
2006-07-03 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2005-627.nasl - Type : ACT_GATHER_INFO
2006-05-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_3b4a69820b2411dabc080001020eed82.nasl - Type : ACT_GATHER_INFO
2006-05-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_6d1761d20b2311dabc080001020eed82.nasl - Type : ACT_GATHER_INFO
2006-05-13 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_09db28440b2111dabc080001020eed82.nasl - Type : ACT_GATHER_INFO
2006-01-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-162-1.nasl - Type : ACT_GATHER_INFO
2006-01-15 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-168-1.nasl - Type : ACT_GATHER_INFO
2005-10-05 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2005-242-03.nasl - Type : ACT_GATHER_INFO
2005-10-05 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2005-139.nasl - Type : ACT_GATHER_INFO
2005-09-17 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-813.nasl - Type : ACT_GATHER_INFO
2005-08-18 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200508-06.nasl - Type : ACT_GATHER_INFO
2005-08-12 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2005-589.nasl - Type : ACT_GATHER_INFO
2005-08-12 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2005-627.nasl - Type : ACT_GATHER_INFO
2005-07-31 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-769.nasl - Type : ACT_GATHER_INFO
2005-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2005-639.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2014-02-17 12:01:16
  • Multiple Updates
2013-05-11 12:25:09
  • Multiple Updates