ID CVE-2008-2927
Summary Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955.
References
Vulnerable Configurations
  • Pidgin 2.0.0
    cpe:2.3:a:pidgin:pidgin:2.0.0
  • Pidgin 2.0.1
    cpe:2.3:a:pidgin:pidgin:2.0.1
  • Pidgin 2.0.2
    cpe:2.3:a:pidgin:pidgin:2.0.2
  • Pidgin 2.1.0
    cpe:2.3:a:pidgin:pidgin:2.1.0
  • Pidgin 2.1.1
    cpe:2.3:a:pidgin:pidgin:2.1.1
  • Pidgin 2.2.0
    cpe:2.3:a:pidgin:pidgin:2.2.0
  • Pidgin 2.2.1
    cpe:2.3:a:pidgin:pidgin:2.2.1
  • Pidgin 2.2.2
    cpe:2.3:a:pidgin:pidgin:2.2.2
  • Pidgin 2.3.0
    cpe:2.3:a:pidgin:pidgin:2.3.0
  • Pidgin 2.3.1
    cpe:2.3:a:pidgin:pidgin:2.3.1
  • Pidgin 2.4.0
    cpe:2.3:a:pidgin:pidgin:2.4.0
  • Pidgin 2.4.1
    cpe:2.3:a:pidgin:pidgin:2.4.1
  • Pidgin 2.4.2
    cpe:2.3:a:pidgin:pidgin:2.4.2
  • Adium 1.0
    cpe:2.3:a:adium:adium:1.0
  • Adium 1.0.1
    cpe:2.3:a:adium:adium:1.0.1
  • Adium 1.0.2
    cpe:2.3:a:adium:adium:1.0.2
  • Adium 1.0.3
    cpe:2.3:a:adium:adium:1.0.3
  • Adium 1.0.4
    cpe:2.3:a:adium:adium:1.0.4
  • Adium 1.0.5
    cpe:2.3:a:adium:adium:1.0.5
  • Adium 1.1
    cpe:2.3:a:adium:adium:1.1
  • Adium 1.1.1
    cpe:2.3:a:adium:adium:1.1.1
  • Adium 1.1.2
    cpe:2.3:a:adium:adium:1.1.2
  • Adium 1.1.3
    cpe:2.3:a:adium:adium:1.1.3
  • Adium 1.1.4
    cpe:2.3:a:adium:adium:1.1.4
  • Adium 1.2.7
    cpe:2.3:a:adium:adium:1.2.7
CVSS
Base: 6.8 (as of 08-07-2008 - 14:34)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
  • Vector NETWORK
  • Complexity MEDIUM
  • Authentication NONE
Impact
  • Confidentiality PARTIAL
  • Integrity PARTIAL
  • Availability PARTIAL
nessus via4
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200901-13.NASL
    description The remote host is affected by the vulnerability described in GLSA-200901-13 (Pidgin: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Pidgin and the libpurple library: A participant to the TippingPoint ZDI reported multiple integer overflows in the msn_slplink_process_msg() function in the MSN protocol implementation (CVE-2008-2927). Juan Pablo Lopez Yacubian is credited for reporting a use-after-free flaw in msn_slplink_process_msg() in the MSN protocol implementation (CVE-2008-2955). The included UPnP server does not limit the size of data to be downloaded for UPnP service discovery, according to a report by Andrew Hunt and Christian Grothoff (CVE-2008-2957). Josh Triplett discovered that the NSS plugin for libpurple does not properly verify SSL certificates (CVE-2008-3532). Impact : A remote attacker could send specially crafted messages or files using the MSN protocol which could result in the execution of arbitrary code or crash Pidgin. NOTE: Successful exploitation might require the victim's interaction. Furthermore, an attacker could conduct man-in-the-middle attacks to obtain sensitive information using bad certificates and cause memory and disk resources to exhaust. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 35432
    published 2009-01-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35432
    title GLSA-200901-13 : Pidgin: Multiple vulnerabilities
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2008-0584.NASL
    description From Red Hat Security Advisory 2008:0584 : Updated Pidgin packages that fix a security issue and address a bug are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Pidgin is a multi-protocol Internet Messaging client. An integer overflow flaw was found in Pidgin's MSN protocol handler. If a user received a malicious MSN message, it was possible to execute arbitrary code with the permissions of the user running Pidgin. (CVE-2008-2927) Note: the default Pidgin privacy setting only allows messages from users in the buddy list. This prevents arbitrary MSN users from exploiting this flaw. This update also addresses the following bug : * when attempting to connect to the ICQ network, Pidgin would fail to connect, present an alert saying 'The client version you are using is too old', and de-activate the ICQ account. This update restores Pidgin's ability to connect to the ICQ network. All Pidgin users should upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-08-13
    plugin id 67725
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67725
    title Oracle Linux 3 / 4 : pidgin (ELSA-2008-0584)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-675-2.NASL
    description It was discovered that Gaim did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges. (CVE-2008-2927). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 37355
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37355
    title Ubuntu 6.06 LTS : gaim vulnerability (USN-675-2)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_GAIM-5421.NASL
    description - specially crafted MSN SLP messages could cause an integer overflow in gaim. Attackers could potentially exploit that to execute arbitrary code (CVE-2008-2927). Additionally a problem was fixed that prevented gaim clients from connecting to the ICQ network after a server change on July 1st 2008.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 34192
    published 2008-09-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34192
    title openSUSE 10 Security Update : gaim (gaim-5421)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2008-143.NASL
    description An integer overflow flaw was found in Pidgin's MSN protocol handler that could allow for the execution of arbitrary code if a user received a malicious MSN message (CVE-2008-2927). In addition, this update provides the ability to use ICQ networks again on Mandriva Linux 2008.0, as in MDVA-2008:103 (updated pidgin for 2008.1). The updated packages have been patched to correct this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 37612
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37612
    title Mandriva Linux Security Advisory : pidgin (MDVSA-2008:143)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2008-0584.NASL
    description Updated Pidgin packages that fix a security issue and address a bug are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Pidgin is a multi-protocol Internet Messaging client. An integer overflow flaw was found in Pidgin's MSN protocol handler. If a user received a malicious MSN message, it was possible to execute arbitrary code with the permissions of the user running Pidgin. (CVE-2008-2927) Note: the default Pidgin privacy setting only allows messages from users in the buddy list. This prevents arbitrary MSN users from exploiting this flaw. This update also addresses the following bug : * when attempting to connect to the ICQ network, Pidgin would fail to connect, present an alert saying 'The client version you are using is too old', and de-activate the ICQ account. This update restores Pidgin's ability to connect to the ICQ network. All Pidgin users should upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 33463
    published 2008-07-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33463
    title RHEL 3 / 4 / 5 : pidgin (RHSA-2008:0584)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-675-1.NASL
    description It was discovered that Pidgin did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges. (CVE-2008-2927) It was discovered that Pidgin did not properly handle file transfers containing a long filename and special characters in the MSN protocol handler. A remote attacker could send a specially crafted filename in a file transfer request and cause Pidgin to crash, leading to a denial of service. (CVE-2008-2955) It was discovered that Pidgin did not impose resource limitations in the UPnP service. A remote attacker could cause Pidgin to download arbitrary files and cause a denial of service from memory or disk space exhaustion. (CVE-2008-2957) It was discovered that Pidgin did not validate SSL certificates when using a secure connection. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. This update alters Pidgin behaviour by asking users to confirm the validity of a certificate upon initial login. (CVE-2008-3532). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 36899
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36899
    title Ubuntu 7.10 / 8.04 LTS : pidgin vulnerabilities (USN-675-1)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20080711_PIDGIN_ON_SL_3_0_X.NASL
    description An integer overflow flaw was found in Pidgin's MSN protocol handler. If a user received a malicious MSN message, it was possible to execute arbitrary code with the permissions of the user running Pidgin. (CVE-2008-2927) Note: the default Pidgin privacy setting only allows messages from users in the buddy list. This prevents arbitrary MSN users from exploiting this flaw. This update also addresses the following bug : - when attempting to connect to the ICQ network, Pidgin would fail to connect, present an alert saying 'The client version you are using is too old', and de-activate the ICQ account. This update restores Pidgin's ability to connect to the ICQ network.
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60438
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60438
    title Scientific Linux Security Update : pidgin on SL 3.0.x , SL 4.x , SL 5.x
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2009-1060.NASL
    description Updated pidgin packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A buffer overflow flaw was found in the way Pidgin initiates file transfers when using the Extensible Messaging and Presence Protocol (XMPP). If a Pidgin client initiates a file transfer, and the remote target sends a malformed response, it could cause Pidgin to crash or, potentially, execute arbitrary code with the permissions of the user running Pidgin. This flaw only affects accounts using XMPP, such as Jabber and Google Talk. (CVE-2009-1373) A denial of service flaw was found in Pidgin's QQ protocol decryption handler. When the QQ protocol decrypts packet information, heap data can be overwritten, possibly causing Pidgin to crash. (CVE-2009-1374) A flaw was found in the way Pidgin's PurpleCircBuffer object is expanded. If the buffer is full when more data arrives, the data stored in this buffer becomes corrupted. This corrupted data could result in confusing or misleading data being presented to the user, or possibly crash Pidgin. (CVE-2009-1375) It was discovered that on 32-bit platforms, the Red Hat Security Advisory RHSA-2008:0584 provided an incomplete fix for the integer overflow flaw affecting Pidgin's MSN protocol handler. If a Pidgin client receives a specially crafted MSN message, it may be possible to execute arbitrary code with the permissions of the user running Pidgin. (CVE-2009-1376) Note: By default, when using an MSN account, only users on your buddy list can send you messages. This prevents arbitrary MSN users from exploiting this flaw. All Pidgin users should upgrade to these updated packages, which contain backported patches to resolve these issues. 
    Pidgin must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 43751
    published 2010-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43751
    title CentOS 4 / 5 : pidgin (CESA-2009:1060)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2008-0584.NASL
    description Updated Pidgin packages that fix a security issue and address a bug are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Pidgin is a multi-protocol Internet Messaging client. An integer overflow flaw was found in Pidgin's MSN protocol handler. If a user received a malicious MSN message, it was possible to execute arbitrary code with the permissions of the user running Pidgin. (CVE-2008-2927) Note: the default Pidgin privacy setting only allows messages from users in the buddy list. This prevents arbitrary MSN users from exploiting this flaw. This update also addresses the following bug : * when attempting to connect to the ICQ network, Pidgin would fail to connect, present an alert saying 'The client version you are using is too old', and de-activate the ICQ account. This update restores Pidgin's ability to connect to the ICQ network. All Pidgin users should upgrade to these updated packages, which contain backported patches to resolve these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 33449
    published 2008-07-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33449
    title CentOS 3 / 4 / 5 : pidgin (CESA-2008:0584)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1610.NASL
    description It was discovered that gaim, a multi-protocol instant messaging client, was vulnerable to several integer overflows in its MSN protocol handlers. These could allow a remote attacker to execute arbitrary code.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 33508
    published 2008-07-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=33508
    title Debian DSA-1610-1 : gaim - integer overflow
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2009-1060.NASL
    description Updated pidgin packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A buffer overflow flaw was found in the way Pidgin initiates file transfers when using the Extensible Messaging and Presence Protocol (XMPP). If a Pidgin client initiates a file transfer, and the remote target sends a malformed response, it could cause Pidgin to crash or, potentially, execute arbitrary code with the permissions of the user running Pidgin. This flaw only affects accounts using XMPP, such as Jabber and Google Talk. (CVE-2009-1373) A denial of service flaw was found in Pidgin's QQ protocol decryption handler. When the QQ protocol decrypts packet information, heap data can be overwritten, possibly causing Pidgin to crash. (CVE-2009-1374) A flaw was found in the way Pidgin's PurpleCircBuffer object is expanded. If the buffer is full when more data arrives, the data stored in this buffer becomes corrupted. This corrupted data could result in confusing or misleading data being presented to the user, or possibly crash Pidgin. (CVE-2009-1375) It was discovered that on 32-bit platforms, the Red Hat Security Advisory RHSA-2008:0584 provided an incomplete fix for the integer overflow flaw affecting Pidgin's MSN protocol handler. If a Pidgin client receives a specially crafted MSN message, it may be possible to execute arbitrary code with the permissions of the user running Pidgin. (CVE-2009-1376) Note: By default, when using an MSN account, only users on your buddy list can send you messages. This prevents arbitrary MSN users from exploiting this flaw. All Pidgin users should upgrade to these updated packages, which contain backported patches to resolve these issues. 
    Pidgin must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 38872
    published 2009-05-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38872
    title RHEL 4 / 5 : pidgin (RHSA-2009:1060)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2009-5552.NASL
    description This is a bugfix & security fix release of Pidgin. The full ChangeLog is available at http://developer.pidgin.im/wiki/ChangeLog Details of the security fixes included are available at http://www.pidgin.im/news/security/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-20
    plugin id 38995
    published 2009-06-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38995
    title Fedora 9 : pidgin-2.5.6-1.fc9 (2009-5552)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_FINCH-080903.NASL
    description - specially crafted MSN SLP messages could cause an integer overflow in pidgin. Attackers could potentially exploit that to execute arbitrary code (CVE-2008-2927). - overly long file names in MSN file transfers could crash pidgin (CVE-2008-2955). - SSL certificates were not verified. Therefore pidgin didn't notice faked certificates (CVE-2008-3532) Additionally a problem was fixed that prevented gaim clients from connecting to the ICQ network after a server change on July 1st 2008.
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 39959
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39959
    title openSUSE Security Update : finch (finch-188)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2009-1059.NASL
    description An updated pidgin package that fixes two security issues is now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A buffer overflow flaw was found in the way Pidgin initiates file transfers when using the Extensible Messaging and Presence Protocol (XMPP). If a Pidgin client initiates a file transfer, and the remote target sends a malformed response, it could cause Pidgin to crash or, potentially, execute arbitrary code with the permissions of the user running Pidgin. This flaw only affects accounts using XMPP, such as Jabber and Google Talk. (CVE-2009-1373) It was discovered that on 32-bit platforms, the Red Hat Security Advisory RHSA-2008:0584 provided an incomplete fix for the integer overflow flaw affecting Pidgin's MSN protocol handler. If a Pidgin client receives a specially crafted MSN message, it may be possible to execute arbitrary code with the permissions of the user running Pidgin. (CVE-2009-1376) Note: By default, when using an MSN account, only users on your buddy list can send you messages. This prevents arbitrary MSN users from exploiting this flaw. All Pidgin users should upgrade to this update package, which contains backported patches to resolve these issues. Pidgin must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 38871
    published 2009-05-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38871
    title RHEL 3 : pidgin (RHSA-2009:1059)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2009-5583.NASL
    description This is a bugfix & security fix release of Pidgin. The full ChangeLog is available at http://developer.pidgin.im/wiki/ChangeLog Details of the security fixes included are available at http://www.pidgin.im/news/security/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-20
    plugin id 38996
    published 2009-06-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38996
    title Fedora 11 : pidgin-2.5.6-1.fc11 (2009-5583)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2009-1059.NASL
    description From Red Hat Security Advisory 2009:1059 : An updated pidgin package that fixes two security issues is now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A buffer overflow flaw was found in the way Pidgin initiates file transfers when using the Extensible Messaging and Presence Protocol (XMPP). If a Pidgin client initiates a file transfer, and the remote target sends a malformed response, it could cause Pidgin to crash or, potentially, execute arbitrary code with the permissions of the user running Pidgin. This flaw only affects accounts using XMPP, such as Jabber and Google Talk. (CVE-2009-1373) It was discovered that on 32-bit platforms, the Red Hat Security Advisory RHSA-2008:0584 provided an incomplete fix for the integer overflow flaw affecting Pidgin's MSN protocol handler. If a Pidgin client receives a specially crafted MSN message, it may be possible to execute arbitrary code with the permissions of the user running Pidgin. (CVE-2009-1376) Note: By default, when using an MSN account, only users on your buddy list can send you messages. This prevents arbitrary MSN users from exploiting this flaw. All Pidgin users should upgrade to this update package, which contains backported patches to resolve these issues. Pidgin must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67862
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67862
    title Oracle Linux 3 : pidgin (ELSA-2009-1059)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_FINCH-5573.NASL
    description - specially crafted MSN SLP messages could cause an integer overflow in pidgin. Attackers could potentially exploit that to execute arbitrary code. (CVE-2008-2927) - overly long file names in MSN file transfers could crash pidgin. (CVE-2008-2955) - SSL certificates were not verified. Therefore pidgin didn't notice faked certificates. (CVE-2008-3532) Additionally a problem was fixed that prevented gaim clients from connecting to the ICQ network after a server change on July 1st 2008.
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 51722
    published 2011-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51722
    title SuSE 10 Security Update : pidgin, gaim and finch (ZYPP Patch Number 5573)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2009-5597.NASL
    description This is a bugfix & security fix release of Pidgin. The full ChangeLog is available at http://developer.pidgin.im/wiki/ChangeLog Details of the security fixes included are available at http://www.pidgin.im/news/security/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-20
    plugin id 38997
    published 2009-06-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38997
    title Fedora 10 : pidgin-2.5.6-1.fc10 (2009-5597)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_FINCH-5592.NASL
    description - specially crafted MSN SLP messages could cause an integer overflow in pidgin. Attackers could potentially exploit that to execute arbitrary code (CVE-2008-2927). - overly long file names in MSN file transfers could crash pidgin (CVE-2008-2955). - SSL certificates were not verified. Therefore pidgin didn't notice faked certificates (CVE-2008-3532) Additionally a problem was fixed that prevented gaim clients from connecting to the ICQ network after a server change on July 1st 2008.
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 34199
    published 2008-09-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=34199
    title openSUSE 10 Security Update : finch (finch-5592)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2009-1059.NASL
    description An updated pidgin package that fixes two security issues is now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A buffer overflow flaw was found in the way Pidgin initiates file transfers when using the Extensible Messaging and Presence Protocol (XMPP). If a Pidgin client initiates a file transfer, and the remote target sends a malformed response, it could cause Pidgin to crash or, potentially, execute arbitrary code with the permissions of the user running Pidgin. This flaw only affects accounts using XMPP, such as Jabber and Google Talk. (CVE-2009-1373) It was discovered that on 32-bit platforms, the Red Hat Security Advisory RHSA-2008:0584 provided an incomplete fix for the integer overflow flaw affecting Pidgin's MSN protocol handler. If a Pidgin client receives a specially crafted MSN message, it may be possible to execute arbitrary code with the permissions of the user running Pidgin. (CVE-2009-1376) Note: By default, when using an MSN account, only users on your buddy list can send you messages. This prevents arbitrary MSN users from exploiting this flaw. All Pidgin users should upgrade to this update package, which contains backported patches to resolve these issues. Pidgin must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 38868
    published 2009-05-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38868
    title CentOS 3 : pidgin (CESA-2009:1059)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2009-1060.NASL
    description From Red Hat Security Advisory 2009:1060 : Updated pidgin packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A buffer overflow flaw was found in the way Pidgin initiates file transfers when using the Extensible Messaging and Presence Protocol (XMPP). If a Pidgin client initiates a file transfer, and the remote target sends a malformed response, it could cause Pidgin to crash or, potentially, execute arbitrary code with the permissions of the user running Pidgin. This flaw only affects accounts using XMPP, such as Jabber and Google Talk. (CVE-2009-1373) A denial of service flaw was found in Pidgin's QQ protocol decryption handler. When the QQ protocol decrypts packet information, heap data can be overwritten, possibly causing Pidgin to crash. (CVE-2009-1374) A flaw was found in the way Pidgin's PurpleCircBuffer object is expanded. If the buffer is full when more data arrives, the data stored in this buffer becomes corrupted. This corrupted data could result in confusing or misleading data being presented to the user, or possibly crash Pidgin. (CVE-2009-1375) It was discovered that on 32-bit platforms, the Red Hat Security Advisory RHSA-2008:0584 provided an incomplete fix for the integer overflow flaw affecting Pidgin's MSN protocol handler. If a Pidgin client receives a specially crafted MSN message, it may be possible to execute arbitrary code with the permissions of the user running Pidgin. (CVE-2009-1376) Note: By default, when using an MSN account, only users on your buddy list can send you messages. This prevents arbitrary MSN users from exploiting this flaw. 
    All Pidgin users should upgrade to these updated packages, which contain backported patches to resolve these issues. Pidgin must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67863
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67863
    title Oracle Linux 4 : pidgin (ELSA-2009-1060)
oval via4
  • accepted 2013-04-29T04:15:22.620-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955.
    family unix
    id oval:org.mitre.oval:def:11695
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955.
    version 24
  • accepted 2013-09-30T04:00:45.192-04:00
    class vulnerability
    contributors
    • name Shane Shaffer
      organization G2, Inc.
    definition_extensions
    • comment Pidgin is installed
      oval oval:org.mitre.oval:def:12366
    description Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955.
    family windows
    id oval:org.mitre.oval:def:17972
    status accepted
    submitted 2013-08-16T15:36:10.221-04:00
    title Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955
    version 4
redhat via4
advisories
bugzilla
id 453774
title RHEL3 - Fix ICQ login
oval
OR
  • AND
    • comment Red Hat Enterprise Linux 3 is installed
      oval oval:com.redhat.rhba:tst:20070026001
    • comment pidgin is earlier than 0:1.5.1-2.el3
      oval oval:com.redhat.rhsa:tst:20080584002
    • comment pidgin is signed with Red Hat master key
      oval oval:com.redhat.rhsa:tst:20080584003
  • AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhba:tst:20070304001
    • comment pidgin is earlier than 0:1.5.1-2.el4
      oval oval:com.redhat.rhsa:tst:20080584005
    • comment pidgin is signed with Red Hat master key
      oval oval:com.redhat.rhsa:tst:20080584003
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment finch is earlier than 0:2.3.1-2.el5_2
          oval oval:com.redhat.rhsa:tst:20080584015
        • comment finch is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080584016
      • AND
        • comment finch-devel is earlier than 0:2.3.1-2.el5_2
          oval oval:com.redhat.rhsa:tst:20080584013
        • comment finch-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080584014
      • AND
        • comment libpurple is earlier than 0:2.3.1-2.el5_2
          oval oval:com.redhat.rhsa:tst:20080584019
        • comment libpurple is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080584020
      • AND
        • comment libpurple-devel is earlier than 0:2.3.1-2.el5_2
          oval oval:com.redhat.rhsa:tst:20080584017
        • comment libpurple-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080584018
      • AND
        • comment libpurple-perl is earlier than 0:2.3.1-2.el5_2
          oval oval:com.redhat.rhsa:tst:20080584009
        • comment libpurple-perl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080584010
      • AND
        • comment libpurple-tcl is earlier than 0:2.3.1-2.el5_2
          oval oval:com.redhat.rhsa:tst:20080584011
        • comment libpurple-tcl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080584012
      • AND
        • comment pidgin is earlier than 0:2.3.1-2.el5_2
          oval oval:com.redhat.rhsa:tst:20080584007
        • comment pidgin is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080584008
      • AND
        • comment pidgin-devel is earlier than 0:2.3.1-2.el5_2
          oval oval:com.redhat.rhsa:tst:20080584023
        • comment pidgin-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080584024
      • AND
        • comment pidgin-perl is earlier than 0:2.3.1-2.el5_2
          oval oval:com.redhat.rhsa:tst:20080584021
        • comment pidgin-perl is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20080584022
rhsa
id RHSA-2008:0584
released 2008-07-09
severity Important
title RHSA-2008:0584: pidgin security and bug fix update (Important)
rpms
  • pidgin-0:1.5.1-2.el3
  • pidgin-0:1.5.1-2.el4
  • finch-0:2.3.1-2.el5_2
  • finch-devel-0:2.3.1-2.el5_2
  • libpurple-0:2.3.1-2.el5_2
  • libpurple-devel-0:2.3.1-2.el5_2
  • libpurple-perl-0:2.3.1-2.el5_2
  • libpurple-tcl-0:2.3.1-2.el5_2
  • pidgin-0:2.3.1-2.el5_2
  • pidgin-devel-0:2.3.1-2.el5_2
  • pidgin-perl-0:2.3.1-2.el5_2
refmap via4
bid 29956
bugtraq
  • 20080625 Pidgin 2.4.1 Vulnerability
  • 20080806 rPSA-2008-0246-1 gaim
  • 20080828 ZDI-08-054: Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability
confirm
debian DSA-1610
mandriva
  • MDVSA-2008:143
  • MDVSA-2009:127
misc http://www.zerodayinitiative.com/advisories/ZDI-08-054
mlist
  • [oss-security] 20080703 Re: Re: CVE Request (pidgin)
  • [oss-security] 20080704 Re: Re: CVE Request (pidgin)
sectrack 1020451
secunia
  • 30971
  • 31016
  • 31105
  • 31387
  • 31642
  • 32859
  • 32861
ubuntu
  • USN-675-1
  • USN-675-2
vupen ADV-2008-2032
xf adium-msnprotocol-code-execution(44774)
Last major update 02-11-2013 - 22:38
Published 07-07-2008 - 19:41
Last modified 11-10-2018 - 16:44