ID UBUNTU_USN-168-1.NASL Type nessus Reporter Tenable Modified 2016-05-27T00:00:00
Description
Daniel Atallah discovered a Denial of Service vulnerability in the file transfer handler of OSCAR (the module that handles various instant messaging protocols like ICQ). A remote attacker could crash a user's Gaim client by attempting to send them a file with a name that contains invalid UTF-8 characters. (CAN-2005-2102)
It was found that specially crafted 'away' messages triggered a buffer overflow. A remote attacker could exploit this to crash the Gaim client or possibly even execute arbitrary code with the permissions of the Gaim user. (CAN-2005-2103)
Szymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in the Gadu library, which was fixed in USN-162-1.
However, it was discovered that Gaim contains a copy of the vulnerable code. By sending specially crafted messages over the Gadu protocol, a remote attacker could crash Gaim. (CAN-2005-2370).
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-168-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include("compat.inc");
# Plugin registration. This branch runs only when `description` is set: it
# declares the plugin's metadata and then calls exit(0), so the package
# checks that follow this block are not reached in that pass.
if (description)
{
script_id(20574);
script_version("$Revision: 1.13 $");
script_cvs_date("$Date: 2016/05/27 14:21:16 $");
# Cross-references. The advisory text further down cites the same three
# issues under their older CAN-2005-xxxx candidate names.
script_cve_id("CVE-2005-2102", "CVE-2005-2103", "CVE-2005-2370");
script_bugtraq_id(14531);
script_xref(name:"USN", value:"168-1");
script_name(english:"Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)");
# The check is a package-version comparison against dpkg output. It does not
# establish whether Gaim is running or whether an affected protocol is in use.
script_summary(english:"Checks dpkg output for updated packages.");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Ubuntu host is missing one or more security-related
patches."
);
script_set_attribute(
attribute:"description",
value:
"Daniel Atallah discovered a Denial of Service vulnerability in the
file transfer handler of OSCAR (the module that handles various
instant messaging protocols like ICQ). A remote attacker could crash
the Gaim client of an user by attempting to send him a file with a
name that contains invalid UTF-8 characters. (CAN-2005-2102)
It was found that specially crafted 'away' messages triggered a buffer
overflow. A remote attacker could exploit this to crash the Gaim
client or possibly even execute arbitrary code with the permissions of
the Gaim user. (CAN-2005-2103)
Szymon Zygmunt and Michal Bartoszkiewicz discovered a memory
alignment error in the Gadu library, which was fixed in USN-162-1.
However, it was discovered that Gaim contains a copy of the vulnerable
code. By sending specially crafted messages over the Gadu protocol, a
remote attacker could crash Gaim. (CAN-2005-2370).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"solution",
value:"Update the affected gaim, gaim-data and / or gaim-dev packages."
);
# CVSS2 base vector: network-reachable, no authentication, partial C/I/A.
# NOTE(review): presumably scored for the worst of the three issues, the
# away-message overflow (CAN-2005-2103) that may allow code execution; the
# other two are described above as crashes only.
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
# Exploit availability as recorded by the plugin author at the revision date
# above; treat it as a point-in-time statement, not a guarantee.
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
# "local": the verdict is derived from data collected on the host (see the
# required Host/Debian/dpkg-l key below), not from probing a network service.
script_set_attribute(attribute:"plugin_type", value:"local");
# CPE entries for the three packages and the two Ubuntu releases this plugin covers.
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gaim");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gaim-data");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gaim-dev");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:4.10");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:5.04");
# The plugin was published about five months after the vendor patch.
script_set_attribute(attribute:"patch_publication_date", value:"2005/08/12");
script_set_attribute(attribute:"plugin_publication_date", value:"2006/01/15");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2005-2016 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.");
script_family(english:"Ubuntu Local Security Checks");
# NOTE(review): presumably ssh_get_info.nasl is what populates the Host/* KB
# keys required on the next line -- confirm against that plugin.
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
# End of the registration pass; nothing below runs when `description` is set.
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");
# Check body: decide from the knowledge base (KB) whether this host is an
# Ubuntu 4.10 / 5.04 x86 system with a gaim package older than the fixed build.
# Each guard below hands a reason code to audit(); the statements after a guard
# assume audit() does not return (it is defined in audit.inc, not shown here).

# Local checks must have been enabled for this host.
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
# Anchored match: only exactly "4.10" or "5.04" pass; any other release is
# audited as "not this OS" rather than evaluated.
if (! ereg(pattern:"^(4\.10|5\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 4.10 / 5.04", "Ubuntu " + release);
# Without the collected dpkg package list there is nothing to compare against.
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
# `>!<` is the "substring not found" operator: hosts whose cpu string neither
# contains "x86_64" nor matches i386..i686 stop here as "not implemented".
# NOTE(review): the libgadu alignment issue (CVE-2005-2370) is the kind of bug
# that shows up on strict-alignment CPUs rather than x86; on such hosts this
# plugin produces no finding either way, so the absence of a result there is
# not evidence that the host is patched.
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
# Counts how many package checks report a hit.
flag = 0;
# One check per (release, package) pair; pkgver is the version named for the
# fix. Presumably ubuntu_check() is true when the installed version is older
# than pkgver -- confirm in ubuntu.inc. For 4.10 only "gaim" is checked;
# gaim-data and gaim-dev are checked for 5.04 only.
if (ubuntu_check(osver:"4.10", pkgname:"gaim", pkgver:"1.0.0-1ubuntu1.8")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"gaim", pkgver:"1.1.4-1ubuntu4.4")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"gaim-data", pkgver:"1.1.4-1ubuntu4.4")) flag++;
if (ubuntu_check(osver:"5.04", pkgname:"gaim-dev", pkgver:"1.1.4-1ubuntu4.4")) flag++;
if (flag)
{
# At least one check hit: report once at SECURITY_HOLE severity on port 0,
# attaching whatever detail ubuntu_report_get() has accumulated.
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
# No hit: distinguish "packages were tested and are not affected" from
# "none of the packages are installed", based on ubuntu_pkg_tests_get().
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gaim / gaim-data / gaim-dev");
}
{"id": "UBUNTU_USN-168-1.NASL", "bulletinFamily": "scanner", "title": "Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)", "description": "Daniel Atallah discovered a Denial of Service vulnerability in the file transfer handler of OSCAR (the module that handles various instant messaging protocols like ICQ). A remote attacker could crash the Gaim client of an user by attempting to send him a file with a name that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer overflow. A remote attacker could exploit this to crash the Gaim client or possibly even execute arbitrary code with the permissions of the Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable code. By sending specially crafted messages over the Gadu protocol, a remote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2006-01-15T00:00:00", "modified": "2016-05-27T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=20574", "reporter": "Tenable", "references": [], "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "type": "nessus", "lastseen": "2017-10-29T13:36:19", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Daniel Atallah discovered a Denial of Service vulnerability in the file transfer handler of OSCAR (the module that handles various instant messaging protocols like ICQ). A remote attacker could crash the Gaim client of an user by attempting to send him a file with a name that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer overflow. A remote attacker could exploit this to crash the Gaim client or possibly even execute arbitrary code with the permissions of the Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable code. By sending specially crafted messages over the Gadu protocol, a remote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 1, "enchantments": {}, "hash": "bb86da3d4151dd6ebaae62c10eb69582b082c617cb9152c1e6afc84af456ab5d", "hashmap": [{"hash": "5def28318542b833394bb196f5312b60", "key": "cvelist"}, {"hash": "9ebbba4f7dfab58e7c57c9df7b54d577", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "9f645ae040f3a911c83effe8f4cefb6e", "key": "sourceData"}, {"hash": "51f6f8bb60533faccaf9964766bf4117", "key": "title"}, {"hash": "575770113bb5f93b2906ef8917facca4", "key": "pluginID"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "8a96d8d6e565c1bd06e216985d146bba", "key": "published"}, {"hash": "f5f9e526f94b59bbc9026f5b07b6ef78", "key": "modified"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "3ea495319d2ba146a209aaeb70b152c8", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=20574", "id": "UBUNTU_USN-168-1.NASL", "lastseen": "2016-09-26T17:24:03", "modified": "2016-05-27T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.2", "pluginID": "20574", "published": "2006-01-15T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-168-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(20574);\n script_version(\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2016/05/27 14:21:16 $\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\", \"CVE-2005-2370\");\n script_bugtraq_id(14531);\n script_xref(name:\"USN\", value:\"168-1\");\n\n script_name(english:\"Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Daniel Atallah discovered a Denial of Service vulnerability in the\nfile transfer handler of OSCAR (the module that handles various\ninstant messaging protocols like ICQ). A remote attacker could crash\nthe Gaim client of an user by attempting to send him a file with a\nname that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer\noverflow. A remote attacker could exploit this to crash the Gaim\nclient or possibly even execute arbitrary code with the permissions of\nthe Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory\nalignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable\ncode. By sending specially crafted messages over the Gadu protocol, a\nremote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gaim, gaim-data and / or gaim-dev packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:4.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2005-2016 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! 
get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(4\\.10|5\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 4.10 / 5.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"4.10\", pkgname:\"gaim\", pkgver:\"1.0.0-1ubuntu1.8\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-data\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-dev\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gaim / gaim-data / gaim-dev\");\n}\n", "title": "Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:24:03"}], "edition": 2, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "d0a161de269faf0b3cf3efa18918066d"}, {"key": "cvelist", "hash": "5def28318542b833394bb196f5312b60"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "9ebbba4f7dfab58e7c57c9df7b54d577"}, {"key": "href", "hash": "3ea495319d2ba146a209aaeb70b152c8"}, {"key": "modified", "hash": "f5f9e526f94b59bbc9026f5b07b6ef78"}, {"key": "naslFamily", "hash": 
"c9b7d00377a789a14c9bb9dab6c7168c"}, {"key": "pluginID", "hash": "575770113bb5f93b2906ef8917facca4"}, {"key": "published", "hash": "8a96d8d6e565c1bd06e216985d146bba"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "9f645ae040f3a911c83effe8f4cefb6e"}, {"key": "title", "hash": "51f6f8bb60533faccaf9964766bf4117"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "cdee3d6a645c3224c764563df5a90cb1098cf3cacf8c2d63b7b0dadcbec6a71f", "viewCount": 0, "enchantments": {"vulnersScore": 2.8}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-168-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(20574);\n script_version(\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2016/05/27 14:21:16 $\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\", \"CVE-2005-2370\");\n script_bugtraq_id(14531);\n script_xref(name:\"USN\", value:\"168-1\");\n\n script_name(english:\"Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Daniel Atallah discovered a Denial of Service vulnerability in the\nfile transfer handler of OSCAR (the module that handles various\ninstant messaging protocols like ICQ). A remote attacker could crash\nthe Gaim client of an user by attempting to send him a file with a\nname that contains invalid UTF-8 characters. 
(CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer\noverflow. A remote attacker could exploit this to crash the Gaim\nclient or possibly even execute arbitrary code with the permissions of\nthe Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory\nalignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable\ncode. By sending specially crafted messages over the Gadu protocol, a\nremote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gaim, gaim-data and / or gaim-dev packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:4.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n 
script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2005-2016 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(4\\.10|5\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 4.10 / 5.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"4.10\", pkgname:\"gaim\", pkgver:\"1.0.0-1ubuntu1.8\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-data\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-dev\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gaim / gaim-data / gaim-dev\");\n}\n", "naslFamily": "Ubuntu Local Security Checks", "pluginID": "20574", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:gaim-dev", 
"p-cpe:/a:canonical:ubuntu_linux:gaim-data", "cpe:/o:canonical:ubuntu_linux:5.04", "cpe:/o:canonical:ubuntu_linux:4.10", "p-cpe:/a:canonical:ubuntu_linux:gaim"]}
{"result": {"cve": [{"id": "CVE-2005-2370", "type": "cve", "title": "CVE-2005-2370", "description": "Multiple \"memory alignment errors\" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message.", "published": "2005-07-26T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2370", "cvelist": ["CVE-2005-2370"], "lastseen": "2017-10-11T11:06:18"}, {"id": "CVE-2005-2103", "type": "cve", "title": "CVE-2005-2103", "description": "Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n.", "published": "2005-08-16T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2103", "cvelist": ["CVE-2005-2103"], "lastseen": "2017-10-11T11:06:17"}, {"id": "CVE-2005-2102", "type": "cve", "title": "CVE-2005-2102", "description": "The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters.", "published": "2005-08-16T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2102", "cvelist": ["CVE-2005-2102"], "lastseen": "2017-10-11T11:06:17"}], "osvdb": [{"id": "OSVDB:18126", "type": "osvdb", "title": "libgadu on SPARC Incoming Message Memory Alignment Error", "description": "## Solution Description\nUpgrade to version 1.6rc3 or higher, as it has been reported to fix this vulnerability. 
An upgrade is required as there are no known workarounds.\n## References:\n[Vendor Specific Advisory URL](http://www.kde.org/info/security/advisory-20050721-1.txt)\n[Secunia Advisory ID:16437](https://secuniaresearch.flexerasoftware.com/advisories/16437/)\n[Secunia Advisory ID:16265](https://secuniaresearch.flexerasoftware.com/advisories/16265/)\n[Secunia Advisory ID:16387](https://secuniaresearch.flexerasoftware.com/advisories/16387/)\n[Secunia Advisory ID:16815](https://secuniaresearch.flexerasoftware.com/advisories/16815/)\n[Secunia Advisory ID:16423](https://secuniaresearch.flexerasoftware.com/advisories/16423/)\n[Secunia Advisory ID:16442](https://secuniaresearch.flexerasoftware.com/advisories/16442/)\n[Secunia Advisory ID:16483](https://secuniaresearch.flexerasoftware.com/advisories/16483/)\n[Secunia Advisory ID:16637](https://secuniaresearch.flexerasoftware.com/advisories/16637/)\n[Secunia Advisory ID:16140](https://secuniaresearch.flexerasoftware.com/advisories/16140/)\n[Secunia Advisory ID:16269](https://secuniaresearch.flexerasoftware.com/advisories/16269/)\n[Secunia Advisory ID:16363](https://secuniaresearch.flexerasoftware.com/advisories/16363/)\n[Secunia Advisory ID:16413](https://secuniaresearch.flexerasoftware.com/advisories/16413/)\n[Related OSVDB ID: 18127](https://vulners.com/osvdb/OSVDB:18127)\n[Related OSVDB ID: 18125](https://vulners.com/osvdb/OSVDB:18125)\n[Related OSVDB ID: 18124](https://vulners.com/osvdb/OSVDB:18124)\nRedHat RHSA: RHSA-2005:627\nOther Advisory URL: http://www.debian.org/security/2005/dsa-769\nOther Advisory URL: http://www.ubuntulinux.org/support/documentation/usn/usn-162-1\nOther Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20050802-01-U.asc\nOther Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.407421\nOther Advisory URL: http://www.debian.org/security/2005/dsa-773\nOther Advisory URL: 
http://www.ubuntulinux.org/support/documentation/usn/usn-168-1\nOther Advisory URL: http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:139\nOther Advisory URL: http://www.debian.org/security/2005/dsa-813\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-07/0369.html\n[CVE-2005-2370](https://vulners.com/cve/CVE-2005-2370)\n", "published": "2005-07-21T08:26:58", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:18126", "cvelist": ["CVE-2005-2370"], "lastseen": "2017-04-28T13:20:14"}, {"id": "OSVDB:18669", "type": "osvdb", "title": "Gaim Away Message Processing Remote Overflow", "description": "## Vulnerability Description\nA remote overflow exists in gaim. The program fails to validate away messages resulting in a buffer overflow. With a specially crafted away message, an attacker can cause arbitrary code execution resulting in a loss of integrity.\n## Solution Description\nUpgrade to version 1.5.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nA remote overflow exists in gaim. The program fails to validate away messages resulting in a buffer overflow. 
With a specially crafted away message, an attacker can cause arbitrary code execution resulting in a loss of integrity.\n## References:\n[Vendor Specific Advisory URL](http://gaim.sourceforge.net/security/index.php?id=22)\nSecurity Tracker: 1014649\n[Secunia Advisory ID:16384](https://secuniaresearch.flexerasoftware.com/advisories/16384/)\n[Secunia Advisory ID:16437](https://secuniaresearch.flexerasoftware.com/advisories/16437/)\n[Secunia Advisory ID:16387](https://secuniaresearch.flexerasoftware.com/advisories/16387/)\n[Secunia Advisory ID:16423](https://secuniaresearch.flexerasoftware.com/advisories/16423/)\n[Secunia Advisory ID:16436](https://secuniaresearch.flexerasoftware.com/advisories/16436/)\n[Secunia Advisory ID:16442](https://secuniaresearch.flexerasoftware.com/advisories/16442/)\n[Secunia Advisory ID:16483](https://secuniaresearch.flexerasoftware.com/advisories/16483/)\n[Secunia Advisory ID:16637](https://secuniaresearch.flexerasoftware.com/advisories/16637/)\n[Secunia Advisory ID:16379](https://secuniaresearch.flexerasoftware.com/advisories/16379/)\n[Secunia Advisory ID:16535](https://secuniaresearch.flexerasoftware.com/advisories/16535/)\n[Related OSVDB ID: 18668](https://vulners.com/osvdb/OSVDB:18668)\nRedHat RHSA: RHSA-2005:627\nRedHat RHSA: RHSA-2005:589\nPacket Storm: http://packetstormsecurity.org/0508-advisories/glsa-200508-06.txt\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200508-06.xml\nOther Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20050802-01-U.asc\nOther Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.407421\nOther Advisory URL: http://www.ubuntulinux.org/support/documentation/usn/usn-168-1\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2005_19_sr.html\nOther Advisory URL: http://sourceforge.net/tracker/index.php?func=detail&aid=1235427&group_id=235&atid=100235\nOther Advisory URL: 
http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:139\n[CVE-2005-2103](https://vulners.com/cve/CVE-2005-2103)\n", "published": "2005-08-10T09:38:45", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:18669", "cvelist": ["CVE-2005-2103"], "lastseen": "2017-04-28T13:20:15"}, {"id": "OSVDB:18668", "type": "osvdb", "title": "Gaim Non-utf8 Invalid Filename Remote DoS", "description": "## Vulnerability Description\nGaim contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker attempts to send a file with non-utf8 characters, and will result in loss of availability for the program.\n## Solution Description\nUpgrade to version 1.5.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nGaim contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker attempts to send a file with non-utf8 characters, and will result in loss of availability for the program.\n## References:\n[Vendor Specific Advisory URL](http://gaim.sourceforge.net/security/index.php?id=21)\n[Secunia Advisory ID:16384](https://secuniaresearch.flexerasoftware.com/advisories/16384/)\n[Secunia Advisory ID:16437](https://secuniaresearch.flexerasoftware.com/advisories/16437/)\n[Secunia Advisory ID:16387](https://secuniaresearch.flexerasoftware.com/advisories/16387/)\n[Secunia Advisory ID:16423](https://secuniaresearch.flexerasoftware.com/advisories/16423/)\n[Secunia Advisory ID:16436](https://secuniaresearch.flexerasoftware.com/advisories/16436/)\n[Secunia Advisory ID:16442](https://secuniaresearch.flexerasoftware.com/advisories/16442/)\n[Secunia Advisory ID:16483](https://secuniaresearch.flexerasoftware.com/advisories/16483/)\n[Secunia Advisory ID:16637](https://secuniaresearch.flexerasoftware.com/advisories/16637/)\n[Secunia Advisory 
ID:16379](https://secuniaresearch.flexerasoftware.com/advisories/16379/)\n[Secunia Advisory ID:16535](https://secuniaresearch.flexerasoftware.com/advisories/16535/)\n[Related OSVDB ID: 18669](https://vulners.com/osvdb/OSVDB:18669)\nRedHat RHSA: RHSA-2005:627\nRedHat RHSA: RHSA-2005:589\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200508-06.xml\nOther Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20050802-01-U.asc\nOther Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.407421\nOther Advisory URL: http://www.ubuntulinux.org/support/documentation/usn/usn-168-1\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2005_19_sr.html\nOther Advisory URL: http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:139\n[CVE-2005-2102](https://vulners.com/cve/CVE-2005-2102)\n", "published": "2005-08-10T09:38:45", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:18668", "cvelist": ["CVE-2005-2102"], "lastseen": "2017-04-28T13:20:15"}], "openvas": [{"id": "OPENVAS:54455", "type": "openvas", "title": "Debian Security Advisory DSA 769-1 (gaim)", "description": "The remote host is missing an update to gaim\nannounced via advisory DSA 769-1.\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment\nerror in libgadu (from ekg, console Gadu Gadu client, an instant\nmessaging program) which is included in gaim, a multi-protocol instant\nmessaging client, as well. This can not be exploited on the x86\narchitecture but on others, e.g. 
on Sparc and lead to a bus error,\nin other words a denial of service.\n\nThe old stable distribution (woody) does not seem to be affected by\nthis problem.", "published": "2008-01-17T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=54455", "cvelist": ["CVE-2005-2370"], "lastseen": "2017-07-24T12:50:01"}, {"id": "OPENVAS:136141256231055187", "type": "openvas", "title": "Slackware Advisory SSA:2005-242-03 gaim", "description": "The remote host is missing an update as announced\nvia advisory SSA:2005-242-03.", "published": "2012-09-11T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231055187", "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "lastseen": "2018-04-06T11:16:53"}, {"id": "OPENVAS:55343", "type": "openvas", "title": "Debian Security Advisory DSA 813-1 (centericq)", "description": "The remote host is missing an update to centericq\nannounced via advisory DSA 813-1.\n\nSeveral problems have been discovered in libgadu which is also part of\ncentericq, a text-mode multi-protocol instant messenger client. 
The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems:\n\nCVE-2005-2369\nMultiple integer signedness errors may allow remote attackers to\ncause a denial of service or execute arbitrary code.\n\nCVE-2005-2370\nMemory alignment errors may allow remote attackers to cause a\ndenial of service on certain architectures such as sparc.\n\nCVE-2005-2448\nSeveral endianness errors may allow remote attackers to cause a\ndenial of service.\n\nThe old stable distribution (woody) is not affected by these problems.", "published": "2008-01-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=55343", "cvelist": ["CVE-2005-2448", "CVE-2005-2370", "CVE-2005-2369"], "lastseen": "2017-07-24T12:50:04"}, {"id": "OPENVAS:55187", "type": "openvas", "title": "Slackware Advisory SSA:2005-242-03 gaim", "description": "The remote host is missing an update as announced\nvia advisory SSA:2005-242-03.", "published": "2012-09-11T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=55187", "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "lastseen": "2017-07-24T12:50:32"}, {"id": "OPENVAS:58424", "type": "openvas", "title": "Debian Security Advisory DSA 1318-1 (ekg)", "description": "The remote host is missing an update to ekg\nannounced via advisory DSA 1318-1.", "published": "2008-01-17T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=58424", "cvelist": ["CVE-2005-2448", "CVE-2005-2370", "CVE-2007-1663", "CVE-2007-1665", "CVE-2007-1664"], "lastseen": "2017-07-24T12:50:20"}, {"id": "OPENVAS:55043", "type": "openvas", "title": "FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim", "description": "The remote host is missing an update to the system\nas 
announced in the referenced advisory.", "published": "2008-09-04T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=55043", "cvelist": ["CVE-2005-1852", "CVE-2005-2448", "CVE-2005-1850", "CVE-2005-1916", "CVE-2005-2370", "CVE-2005-2369", "CVE-2005-1851"], "lastseen": "2017-07-02T21:10:21"}, {"id": "OPENVAS:55045", "type": "openvas", "title": "FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "published": "2008-09-04T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=55045", "cvelist": ["CVE-2005-2103"], "lastseen": "2017-07-02T21:10:27"}, {"id": "OPENVAS:55060", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200508-06 (Gaim)", "description": "The remote host is missing updates announced in\nadvisory GLSA 200508-06.", "published": "2008-09-24T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=55060", "cvelist": ["CVE-2005-2103", "CVE-2005-2102"], "lastseen": "2017-07-24T12:50:24"}, {"id": "OPENVAS:55044", "type": "openvas", "title": "FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "published": "2008-09-04T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=55044", "cvelist": ["CVE-2005-2102"], "lastseen": "2017-07-02T21:10:11"}], "nessus": [{"id": "DEBIAN_DSA-769.NASL", "type": "nessus", "title": "Debian DSA-769-1 : gaim - memory alignment bug", "description": "Szymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment 
error in libgadu (from ekg, console Gadu Gadu client, an instant messaging program) which is included in gaim, a multi-protocol instant messaging client, as well. This can not be exploited on the x86 architecture but on others, e.g. on Sparc and lead to a bus error, in other words a denial of service.\n\nThe old stable distribution (woody) does not seem to be affected by this problem.", "published": "2005-07-31T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=19318", "cvelist": ["CVE-2005-2370"], "lastseen": "2017-10-29T13:38:47"}, {"id": "MANDRAKE_MDKSA-2005-139.NASL", "type": "nessus", "title": "Mandrake Linux Security Advisory : gaim (MDKSA-2005:139)", "description": "Yet more vulnerabilities have been discovered in the gaim IM client.\nInvalid characters in a sent file can cause Gaim to crash on some systems (CVE-2005-2102); a remote AIM or ICQ user can cause a buffer overflow in Gaim by setting an away message containing many AIM substitution strings (CVE-2005-2103); a memory alignment bug in the library used by Gaim to access the Gadu-Gadu network can result in a buffer overflow on non-x86 architecture systems (CVE-2005-2370).\n\nThese problems have been corrected in gaim 1.5.0 which is provided with this update.", "published": "2005-10-05T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=19896", "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "lastseen": "2017-10-29T13:41:12"}, {"id": "DEBIAN_DSA-813.NASL", "type": "nessus", "title": "Debian DSA-813-1 : centericq - several vulnerabilities", "description": "Several problems have been discovered in libgadu which is also part of centericq, a text-mode multi-protocol instant messenger client. 
The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CAN-2005-2369 Multiple integer signedness errors may allow remote attackers to cause a denial of service or execute arbitrary code.\n\n - CAN-2005-2370\n\n Memory alignment errors may allows remote attackers to cause a denial of service on certain architectures such as sparc.\n\n - CAN-2005-2448\n\n Several endianess errors may allow remote attackers to cause a denial of service.", "published": "2005-09-17T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=19709", "cvelist": ["CVE-2005-2448", "CVE-2005-2370", "CVE-2005-2369"], "lastseen": "2017-10-29T13:42:34"}, {"id": "CENTOS_RHSA-2005-627.NASL", "type": "nessus", "title": "CentOS 3 / 4 : gaim (CESA-2005:627)", "description": "An updated gaim package that fixes multiple security issues is now available.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nGaim is an Internet Messaging client.\n\nA heap based buffer overflow issue was discovered in the way Gaim processes away messages. A remote attacker could send a specially crafted away message to a Gaim user logged into AIM or ICQ that could result in arbitrary code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2103 to this issue.\n\nDaniel Atallah discovered a denial of service issue in Gaim. A remote attacker could attempt to upload a file with a specially crafted name to a user logged into AIM or ICQ, causing Gaim to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2102 to this issue.\n\nA denial of service bug was found in Gaim's Gadu Gadu protocol handler. A remote attacker could send a specially crafted message to a Gaim user logged into Gadu Gadu, causing Gaim to crash. 
Please note that this issue only affects PPC and IBM S/390 systems running Gaim.\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2370 to this issue.\n\nUsers of gaim are advised to upgrade to this updated package, which contains backported patches and is not vulnerable to these issues.", "published": "2006-07-03T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=21846", "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "lastseen": "2017-10-29T13:34:38"}, {"id": "SLACKWARE_SSA_2005-242-03.NASL", "type": "nessus", "title": "Slackware 10.0 / 10.1 / 9.0 / 9.1 / current : gaim (SSA:2005-242-03)", "description": "New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1, and -current to fix some security issues. including: AIM/ICQ away message buffer overflow AIM/ICQ non-UTF-8 filename crash Gadu-Gadu memory alignment bug Sites that use GAIM should upgrade to the new version.", "published": "2005-10-05T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=19860", "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "lastseen": "2017-10-29T13:34:46"}, {"id": "REDHAT-RHSA-2005-627.NASL", "type": "nessus", "title": "RHEL 3 / 4 : gaim (RHSA-2005:627)", "description": "An updated gaim package that fixes multiple security issues is now available.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nGaim is an Internet Messaging client.\n\nA heap based buffer overflow issue was discovered in the way Gaim processes away messages. A remote attacker could send a specially crafted away message to a Gaim user logged into AIM or ICQ that could result in arbitrary code execution. 
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2103 to this issue.\n\nDaniel Atallah discovered a denial of service issue in Gaim. A remote attacker could attempt to upload a file with a specially crafted name to a user logged into AIM or ICQ, causing Gaim to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2102 to this issue.\n\nA denial of service bug was found in Gaim's Gadu Gadu protocol handler. A remote attacker could send a specially crafted message to a Gaim user logged into Gadu Gadu, causing Gaim to crash. Please note that this issue only affects PPC and IBM S/390 systems running Gaim.\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2370 to this issue.\n\nUsers of gaim are advised to upgrade to this updated package, which contains backported patches and is not vulnerable to these issues.", "published": "2005-08-12T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=19423", "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "lastseen": "2017-10-29T13:45:28"}, {"id": "DEBIAN_DSA-1318.NASL", "type": "nessus", "title": "Debian DSA-1318-1 : ekg - several vulnerabilities", "description": "Several remote vulnerabilities have been discovered in ekg, a console Gadu Gadu client. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2005-2370 It was discovered that memory alignment errors may allow remote attackers to cause a denial of service on certain architectures such as sparc. 
This only affects Debian Sarge.\n\n - CVE-2005-2448 It was discovered that several endianness errors may allow remote attackers to cause a denial of service.\n This only affects Debian Sarge.\n\n - CVE-2007-1663 It was discovered that a memory leak in handling image messages may lead to denial of service. This only affects Debian Etch.\n\n - CVE-2007-1664 It was discovered that a NULL pointer dereference in the token OCR code may lead to denial of service. This only affects Debian Etch.\n\n - CVE-2007-1665 It was discovered that a memory leak in the token OCR code may lead to denial of service. This only affects Debian Etch.", "published": "2007-06-27T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=25584", "cvelist": ["CVE-2005-2448", "CVE-2005-2370", "CVE-2007-1663", "CVE-2007-1665", "CVE-2007-1664"], "lastseen": "2017-10-29T13:39:19"}, {"id": "CENTOS_RHSA-2005-639.NASL", "type": "nessus", "title": "CentOS 4 : kdenetwork (CESA-2005:639)", "description": "Updated kdenetwork packages to correct a security flaw in Kopete are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nThe kdenetwork package contains networking applications for the K Desktop Environment. Kopete is a KDE instant messenger which supports a number of protocols including ICQ, MSN, Yahoo, Jabber, and Gadu-Gadu.\n\nMultiple integer overflow flaws were found in the way Kopete processes Gadu-Gadu messages. A remote attacker could send a specially crafted Gadu-Gadu message which would cause Kopete to crash or possibly execute arbitrary code. 
The Common Vulnerabilities and Exposures project assigned the name CVE-2005-1852 to this issue.\n\nIn order to be affected by this issue, a user would need to have registered with Gadu-Gadu and be signed in to the Gadu-Gadu server in order to receive a malicious message. In addition, Red Hat believes that the Exec-shield technology (enabled by default in Red Hat Enterprise Linux 4) would block attempts to remotely exploit this vulnerability.\n\nNote that this issue does not affect Red Hat Enterprise Linux 2.1 or 3.\n\nUsers of Kopete should update to these packages which contain a patch to correct this issue.", "published": "2006-07-05T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=21954", "cvelist": ["CVE-2005-1852", "CVE-2005-2448", "CVE-2005-2370", "CVE-2005-2369"], "lastseen": "2017-10-29T13:35:37"}, {"id": "REDHAT-RHSA-2005-639.NASL", "type": "nessus", "title": "RHEL 4 : kdenetwork (RHSA-2005:639)", "description": "Updated kdenetwork packages to correct a security flaw in Kopete are now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nThe kdenetwork package contains networking applications for the K Desktop Environment. Kopete is a KDE instant messenger which supports a number of protocols including ICQ, MSN, Yahoo, Jabber, and Gadu-Gadu.\n\nMultiple integer overflow flaws were found in the way Kopete processes Gadu-Gadu messages. A remote attacker could send a specially crafted Gadu-Gadu message which would cause Kopete to crash or possibly execute arbitrary code. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-1852 to this issue.\n\nIn order to be affected by this issue, a user would need to have registered with Gadu-Gadu and be signed in to the Gadu-Gadu server in order to receive a malicious message. 
In addition, Red Hat believes that the Exec-shield technology (enabled by default in Red Hat Enterprise Linux 4) would block attempts to remotely exploit this vulnerability.\n\nNote that this issue does not affect Red Hat Enterprise Linux 2.1 or 3.\n\nUsers of Kopete should update to these packages which contain a patch to correct this issue.", "published": "2005-07-22T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=19286", "cvelist": ["CVE-2005-1852", "CVE-2005-2448", "CVE-2005-2370", "CVE-2005-2369"], "lastseen": "2017-10-29T13:43:43"}, {"id": "FREEBSD_PKG_3B4A69820B2411DABC080001020EED82.NASL", "type": "nessus", "title": "FreeBSD : libgadu -- multiple vulnerabilities (3b4a6982-0b24-11da-bc08-0001020eed82)", "description": "Wojtek Kaniewski reports :\n\nMultiple vulnerabilities have been found in libgadu, a library for handling Gadu-Gadu instant messaging protocol. It is a part of ekg, a Gadu-Gadu client, but is widely used in other clients. 
Also some of the user contributed scripts were found to behave in an insecure manner.\n\n- integer overflow in libgadu (CVE-2005-1852) that could be triggered by an incoming message and lead to application crash and/or remote code execution\n\n- insecure file creation (CVE-2005-1850) and shell command injection (CVE-2005-1851) in other user contributed scripts (discovered by Marcin Owsiany and Wojtek Kaniewski)\n\n- several signedness errors in libgadu that could be triggered by incoming network data or an application passing invalid user input to the library\n\n- memory alignment errors in libgadu that could be triggered by an incoming message and lead to bus errors on architectures like SPARC\n\n- endianness errors in libgadu that could cause invalid behaviour of applications on big-endian architectures", "published": "2006-05-13T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=21414", "cvelist": ["CVE-2005-1852", "CVE-2005-2448", "CVE-2005-1850", "CVE-2005-2370", "CVE-2005-2369", "CVE-2005-1851"], "lastseen": "2017-10-29T13:37:12"}], "debian": [{"id": "DSA-769", "type": "debian", "title": "gaim -- memory alignment bug", "description": "Szymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in libgadu (from ekg, console Gadu Gadu client, an instant messaging program) which is included in gaim, a multi-protocol instant messaging client, as well. This can not be exploited on the x86 architecture but on others, e.g. 
on Sparc and lead to a bus error, in other words a denial of service.\n\nThe old stable distribution (woody) does not seem to be affected by this problem.\n\nFor the stable distribution (sarge) this problem has been fixed in version 1.2.1-1.4.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you upgrade your gaim package.", "published": "2005-07-29T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-769", "cvelist": ["CVE-2005-2370"], "lastseen": "2016-09-02T18:31:08"}, {"id": "DSA-813", "type": "debian", "title": "centericq -- several vulnerabilities", "description": "Several problems have been discovered in libgadu which is also part of centericq, a text-mode multi-protocol instant messenger client. The Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CAN-2005-2369](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2369>)\n\nMultiple integer signedness errors may allow remote attackers to cause a denial of service or execute arbitrary code.\n\n * [CAN-2005-2370](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370>)\n\nMemory alignment errors may allows remote attackers to cause a denial of service on certain architectures such as sparc.\n\n * [CAN-2005-2448](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2448>)\n\nSeveral endianess errors may allow remote attackers to cause a denial of service.\n\nThe old stable distribution (woody) is not affected by these problems.\n\nFor the stable distribution (sarge) these problems have been fixed in version 4.20.0-1sarge2.\n\nFor the unstable distribution (sid) these problems have been fixed in version 4.20.0-9.\n\nWe recommend that you upgrade your centericq package.", "published": "2005-09-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": 
"http://www.debian.org/security/dsa-813", "cvelist": ["CVE-2005-2448", "CVE-2005-2370", "CVE-2005-2369"], "lastseen": "2016-09-02T18:34:47"}, {"id": "DSA-1318", "type": "debian", "title": "ekg -- several vulnerabilities", "description": "Several remote vulnerabilities have been discovered in ekg, a console Gadu Gadu client. The Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CVE-2005-2370](<https://security-tracker.debian.org/tracker/CVE-2005-2370>)\n\nIt was discovered that memory alignment errors may allow remote attackers to cause a denial of service on certain architectures such as sparc. This only affects Debian Sarge.\n\n * [CVE-2005-2448](<https://security-tracker.debian.org/tracker/CVE-2005-2448>)\n\nIt was discovered that several endianess errors may allow remote attackers to cause a denial of service. This only affects Debian Sarge.\n\n * [CVE-2007-1663](<https://security-tracker.debian.org/tracker/CVE-2007-1663>)\n\nIt was discovered that a memory leak in handling image messages may lead to denial of service. This only affects Debian Etch.\n\n * [CVE-2007-1664](<https://security-tracker.debian.org/tracker/CVE-2007-1664>)\n\nIt was discovered that a null pointer deference in the token OCR code may lead to denial of service. This only affects Debian Etch.\n\n * [CVE-2007-1665](<https://security-tracker.debian.org/tracker/CVE-2007-1665>)\n\nIt was discovered that a memory leak in the token OCR code may lead to denial of service. This only affects Debian Etch.\n\nFor the oldstable distribution (sarge) these problems have been fixed in version 1.5+20050411-7. This updates lacks updated packages for the m68k architecture. 
They will be provided later.\n\nFor the stable distribution (etch) these problems have been fixed in version 1:1.7~rc2-1etch1.\n\nFor the unstable distribution (sid) these problems have been fixed in version 1:1.7~rc2-2.\n\nWe recommend that you upgrade your ekg packages.", "published": "2007-06-22T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://www.debian.org/security/dsa-1318", "cvelist": ["CVE-2005-2448", "CVE-2005-2370", "CVE-2007-1663", "CVE-2007-1665", "CVE-2007-1664"], "lastseen": "2016-09-02T18:22:29"}], "ubuntu": [{"id": "USN-168-1", "type": "ubuntu", "title": "Gaim vulnerabilities", "description": "Daniel Atallah discovered a Denial of Service vulnerability in the file transfer handler of OSCAR (the module that handles various instant messaging protocols like ICQ). A remote attacker could crash the Gaim client of an user by attempting to send him a file with a name that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted \u201caway\u201d messages triggered a buffer overflow. A remote attacker could exploit this to crash the Gaim client or possibly even execute arbitrary code with the permissions of the Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Micha\u0142 Bartoszkiewicz discovered a memory alignment error in the Gadu library, which was fixed in USN-162-1. However, it was discovered that Gaim contains a copy of the vulnerable code. By sending specially crafted messages over the Gadu protocol, a remote attacker could crash Gaim. 
(CAN-2005-2370)", "published": "2005-08-12T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/168-1/", "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "lastseen": "2018-03-29T18:18:55"}, {"id": "USN-162-1", "type": "ubuntu", "title": "ekg and Gadu library vulnerabilities", "description": "Marcin Owsiany and Wojtek Kaniewski discovered that some contributed scripts (contrib/ekgh, contrib/ekgnv.sh, and contrib/getekg.sh) in the ekg package created temporary files in an insecure way, which allowed exploitation of a race condition to create or overwrite files with the privileges of the user invoking the script. (CAN-2005-1850)\n\nMarcin Owsiany and Wojtek Kaniewski discovered a shell command injection vulnerability in a contributed utility (contrib/scripts/ekgbot-pre1.py). By sending specially crafted content to the bot, an attacker could exploit this to execute arbitrary code with the privileges of the user running ekgbot. (CAN-2005-1851)\n\nMarcin \u015alusarz discovered an integer overflow in the Gadu library. By sending a specially crafted incoming message, a remote attacker could execute arbitrary code with the privileges of the application using libgadu. (CAN-2005-1852)\n\nEric Romang discovered that another contributed script (contrib/scripts/linki.py) created temporary files in an insecure way, which allowed exploitation of a race condition to create or overwrite files with the privileges of the user invoking the script. (CAN-2005-1916)\n\nGrzegorz Ja\u015bkiewicz discovered several integer overflows in the Gadu library. A remote attacker could exploit this to crash the Gadu client application or even execute arbitrary code with the privileges of the user by sending specially crafted messages. (CAN-2005-2369)\n\nSzymon Zygmunt and Micha\u0142 Bartoszkiewicz discovered a memory alignment error in the Gadu library. 
By sending specially crafted messages, a remote attacker could crash the application using the library. (CAN-2005-2370)\n\nMarcin \u015alusarz discovered that the Gadu library did not properly handle endianess conversion in some cases. This caused invalid behavior on big endian architectures. The only affected supported architecture is powerpc. (CAN-2005-2448)", "published": "2005-08-09T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/162-1/", "cvelist": ["CVE-2005-1852", "CVE-2005-2448", "CVE-2005-1850", "CVE-2005-1916", "CVE-2005-2370", "CVE-2005-2369", "CVE-2005-1851"], "lastseen": "2018-03-29T18:20:35"}], "centos": [{"id": "CESA-2005:627", "type": "centos", "title": "gaim security update", "description": "**CentOS Errata and Security Advisory** CESA-2005:627\n\n\nGaim is an Internet Messaging client.\r\n\r\nA heap based buffer overflow issue was discovered in the way Gaim processes\r\naway messages. A remote attacker could send a specially crafted away\r\nmessage to a Gaim user logged into AIM or ICQ that could result in\r\narbitrary code execution. The Common Vulnerabilities and Exposures project\r\n(cve.mitre.org) has assigned the name CAN-2005-2103 to this issue.\r\n\r\nDaniel Atallah discovered a denial of service issue in Gaim. A remote\r\nattacker could attempt to upload a file with a specially crafted name to a\r\nuser logged into AIM or ICQ, causing Gaim to crash. The Common\r\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\r\nCAN-2005-2102 to this issue.\r\n\r\nA denial of service bug was found in Gaim's Gadu Gadu protocol handler. A\r\nremote attacker could send a specially crafted message to a Gaim user\r\nlogged into Gadu Gadu, causing Gaim to crash. Please note that this issue\r\nonly affects PPC and IBM S/390 systems running Gaim. 
The Common\r\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\r\nCAN-2005-2370 to this issue.\r\n\r\nUsers of gaim are advised to upgrade to this updated package, which\r\ncontains backported patches and is not vulnerable to these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012035.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012036.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012047.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012048.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012049.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012050.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012051.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012052.html\n\n**Affected packages:**\ngaim\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2005-627.html", "published": "2005-08-10T08:32:46", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2005-August/012035.html", "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "lastseen": "2017-10-03T18:25:28"}, {"id": "CESA-2005:639", "type": "centos", "title": "kdenetwork security update", "description": "**CentOS Errata and Security Advisory** CESA-2005:639\n\n\nThe kdenetwork package contains networking applications for the K Desktop\r\nEnvironment. Kopete is a KDE instant messenger which supports a number of\r\nprotocols including ICQ, MSN, Yahoo, Jabber, and Gadu-Gadu.\r\n\r\nMultiple integer overflow flaws were found in the way Kopete processes\r\nGadu-Gadu messages. A remote attacker could send a specially crafted\r\nGadu-Gadu message which would cause Kopete to crash or possibly execute\r\narbitrary code. 
The Common Vulnerabilities and Exposures project\r\nassigned the name CAN-2005-1852 to this issue.\r\n\r\nIn order to be affected by this issue, a user would need to have registered\r\nwith Gadu-Gadu and be signed in to the Gadu-Gadu server in order to receive\r\na malicious message. In addition, Red Hat believes that the Exec-shield\r\ntechnology (enabled by default in Red Hat Enterprise Linux 4) would block\r\nattempts to remotely exploit this vulnerability.\r\n\r\nNote that this issue does not affect Red Hat Enterprise Linux 2.1 or 3.\r\n\r\nUsers of Kopete should update to these packages which contain a\r\npatch to correct this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-July/011946.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-July/011959.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-July/011960.html\n\n**Affected packages:**\nkdenetwork\nkdenetwork-devel\nkdenetwork-nowlistening\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2005-639.html", "published": "2005-07-22T12:00:12", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2005-July/011946.html", "cvelist": ["CVE-2005-1852", "CVE-2005-2448", "CVE-2005-2370", "CVE-2005-2369"], "lastseen": "2017-10-12T14:44:49"}, {"id": "CESA-2005:589-01", "type": "centos", "title": "gaim security update", "description": "**CentOS Errata and Security Advisory** CESA-2005:589-01\n\n\nGaim is an Internet Instant Messaging client.\r\n\r\nA heap based buffer overflow issue was discovered in the way Gaim processes\r\naway messages. A remote attacker could send a specially crafted away\r\nmessage to a Gaim user logged into AIM or ICQ which could result in\r\narbitrary code execution. 
The Common Vulnerabilities and Exposures project\r\n(cve.mitre.org) has assigned the name CAN-2005-2103 to this issue.\r\n\r\nUsers of gaim are advised to upgrade to this updated package, which\r\ncontains backported patches and is not vulnerable to this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012030.html\n\n**Affected packages:**\ngaim\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "published": "2005-08-10T04:28:39", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2005-August/012030.html", "cvelist": ["CVE-2005-2103"], "lastseen": "2018-01-25T19:02:37"}], "redhat": [{"id": "RHSA-2005:627", "type": "redhat", "title": "(RHSA-2005:627) gaim security update", "description": "Gaim is an Internet Messaging client.\r\n\r\nA heap based buffer overflow issue was discovered in the way Gaim processes\r\naway messages. A remote attacker could send a specially crafted away\r\nmessage to a Gaim user logged into AIM or ICQ that could result in\r\narbitrary code execution. The Common Vulnerabilities and Exposures project\r\n(cve.mitre.org) has assigned the name CAN-2005-2103 to this issue.\r\n\r\nDaniel Atallah discovered a denial of service issue in Gaim. A remote\r\nattacker could attempt to upload a file with a specially crafted name to a\r\nuser logged into AIM or ICQ, causing Gaim to crash. The Common\r\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\r\nCAN-2005-2102 to this issue.\r\n\r\nA denial of service bug was found in Gaim's Gadu Gadu protocol handler. A\r\nremote attacker could send a specially crafted message to a Gaim user\r\nlogged into Gadu Gadu, causing Gaim to crash. Please note that this issue\r\nonly affects PPC and IBM S/390 systems running Gaim. 
The Common\r\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\r\nCAN-2005-2370 to this issue.\r\n\r\nUsers of gaim are advised to upgrade to this updated package, which\r\ncontains backported patches and is not vulnerable to these issues.", "published": "2005-08-09T04:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2005:627", "cvelist": ["CVE-2005-2102", "CVE-2005-2103", "CVE-2005-2370"], "lastseen": "2017-09-09T07:20:12"}, {"id": "RHSA-2005:639", "type": "redhat", "title": "(RHSA-2005:639) kdenetwork security update", "description": "The kdenetwork package contains networking applications for the K Desktop\r\nEnvironment. Kopete is a KDE instant messenger which supports a number of\r\nprotocols including ICQ, MSN, Yahoo, Jabber, and Gadu-Gadu.\r\n\r\nMultiple integer overflow flaws were found in the way Kopete processes\r\nGadu-Gadu messages. A remote attacker could send a specially crafted\r\nGadu-Gadu message which would cause Kopete to crash or possibly execute\r\narbitrary code. The Common Vulnerabilities and Exposures project\r\nassigned the name CAN-2005-1852 to this issue.\r\n\r\nIn order to be affected by this issue, a user would need to have registered\r\nwith Gadu-Gadu and be signed in to the Gadu-Gadu server in order to receive\r\na malicious message. 
In addition, Red Hat believes that the Exec-shield\r\ntechnology (enabled by default in Red Hat Enterprise Linux 4) would block\r\nattempts to remotely exploit this vulnerability.\r\n\r\nNote that this issue does not affect Red Hat Enterprise Linux 2.1 or 3.\r\n\r\nUsers of Kopete should update to these packages which contain a\r\npatch to correct this issue.", "published": "2005-07-21T04:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2005:639", "cvelist": ["CVE-2005-1852", "CVE-2005-2369", "CVE-2005-2370", "CVE-2005-2448"], "lastseen": "2017-09-09T07:19:29"}, {"id": "RHSA-2005:589", "type": "redhat", "title": "(RHSA-2005:589) gaim security update", "description": "Gaim is an Internet Instant Messaging client.\r\n\r\nA heap based buffer overflow issue was discovered in the way Gaim processes\r\naway messages. A remote attacker could send a specially crafted away\r\nmessage to a Gaim user logged into AIM or ICQ which could result in\r\narbitrary code execution. The Common Vulnerabilities and Exposures project\r\n(cve.mitre.org) has assigned the name CAN-2005-2103 to this issue.\r\n\r\nUsers of gaim are advised to upgrade to this updated package, which\r\ncontains backported patches and is not vulnerable to this issue.", "published": "2005-08-09T04:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2005:589", "cvelist": ["CVE-2005-2103"], "lastseen": "2018-03-28T01:01:08"}], "slackware": [{"id": "SSA-2005-242-03", "type": "slackware", "title": "gaim", "description": "New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1,\nand -current to fix some security issues. 
including:\n\n AIM/ICQ away message buffer overflow\n AIM/ICQ non-UTF-8 filename crash\n Gadu-Gadu memory alignment bug\n\nSites that use GAIM should upgrade to the new version.\n\nMore details about these issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370\n\n\nHere are the details from the Slackware 10.1 ChangeLog:\n\npatches/packages/gaim-1.5.0-i486-1.tgz: Upgraded to gaim-1.5.0.\n This fixes some more security issues.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370\n (* Security fix *)\n\nWhere to find the new packages:\n\nUpdated package for Slackware 9.0:\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/gaim-1.5.0-i386-1.tgz\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/gaim-1.5.0-i486-1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/gaim-1.5.0-i486-1.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/gaim-1.5.0-i486-1.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/gaim-1.5.0-i486-1.tgz\n\n\nMD5 signatures:\n\nSlackware 9.0 package:\n676bad766cfddb50c7453554d66b1748 gaim-1.5.0-i386-1.tgz\n\nSlackware 9.1 package:\nd2cc0baba627ba9dbf3f218bdeacc630 gaim-1.5.0-i486-1.tgz\n\nSlackware 10.0 package:\n98d55471ed0a2f9def7fcded90860839 gaim-1.5.0-i486-1.tgz\n\nSlackware 10.1 package:\nbc6891f4acb22530c472218f5d9493fb gaim-1.5.0-i486-1.tgz\n\nSlackware -current package:\nb9a55d4359183b81e1150bea6e13b61e 
gaim-1.5.0-i486-1.tgz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg gaim-1.5.0-i486-1.tgz", "published": "2005-08-30T15:54:29", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.407421", "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "lastseen": "2018-02-02T18:11:30"}, {"id": "SSA-2005-251-03", "type": "slackware", "title": "slackware-current security updates", "description": "This advisory summarizes recent security fixes in Slackware -current.\n\nUsually security advisories are not issued on problems that exist only\nwithin the test version of Slackware (slackware-current), but since it's\nso close to being released as Slackware 10.2, and since there have been\nseveral -current-only issues recently, it has been decided that it would\nbe a good idea to release a summary of all of the security fixes in\nSlackware -current for the last 2 weeks. Some of these are -current only,\nand some affect other versions of Slackware (and advisories for these\nhave already been issued).\n\n\nHere are the details from the Slackware -current ChangeLog:\n\nap/groff-1.19.1-i486-3.tgz: Fixed a /tmp bug in groffer. Groffer is a\n script to display formatted output on the console or X, and is not normally\n used in other scripts (for printers, etc) like most groff components are.\n The risk from this bug is probably quite low. The fix was pulled from the\n just-released groff-1.19.2. 
With Slackware 10.2 just around the corner it\n didn't seem prudent to upgrade to that -- the diff from 1.19.1 to 1.19.2\n is over a megabyte compressed.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0969\n (* Security fix *)\n\nkde/kdebase-3.4.2-i486-2.tgz: Patched a bug in Konqueror's handling of\n characters such as '*', '[', and '?'.\n Generated new kdm config files.\n Added /opt/kde/man to $MANPATH.\n Patched a security bug in kcheckpass that could allow a local user to\n gain root privileges.\n For more information, see:\n http://www.kde.org/info/security/advisory-20050905-1.txt\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2494\n (* Security fix *)\n\nn/mod_ssl-2.8.24_1.3.33-i486-1.tgz: Upgraded to mod_ssl-2.8.24-1.3.33.\n From the CHANGES file:\n Fix a security issue (CAN-2005-2700) where "SSLVerifyClient require" was\n not enforced in per-location context if "SSLVerifyClient optional" was\n configured in the global virtual host configuration.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700\n (* Security fix *)\n\nn/openssh-4.2p1-i486-1.tgz: Upgraded to openssh-4.2p1.\n From the OpenSSH 4.2 release announcement:\n SECURITY: Fix a bug introduced in OpenSSH 4.0 that caused\n GatewayPorts to be incorrectly activated for dynamic ("-D") port\n forwardings when no listen address was explicitly specified.\n (* Security fix *)\n\nkde/kdeedu-3.4.2-i486-2.tgz: Fixed a minor /tmp bug in kvoctrain.\n (* Security fix *)\n\nn/php-4.4.0-i486-3.tgz: Relinked with the system PCRE library, as the builtin\n library has a buffer overflow that could be triggered by the processing of a\n specially crafted regular expression.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491\n (* Security fix *)\n Upgraded PEAR::XMLRPC to version 1.4.0, which eliminates the use of the\n insecure eval() function.\n For more information, see:\n 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2498\n (* Security fix *)\n\nxap/gaim-1.5.0-i486-1.tgz: Upgraded to gaim-1.5.0.\n This fixes some more security issues.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370\n (* Security fix *)\n\ntesting/packages/php-5.0.4/php-5.0.4-i486-3.tgz: Relinked with the\n system PCRE library, as the builtin library has a buffer overflow\n that could be triggered by the processing of a specially crafted\n regular expression.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491\n (* Security fix *)\n Upgraded PEAR::XMLRPC to version 1.4.0, which eliminates the use of the\n insecure eval() function.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2498\n (* Security fix *)\n Recompiled with support for mbstring, cURL, and XSLT.\n Thanks to Den (aka Diesel) for suggesting XSLT.\n\nWhere to find the new packages:\n\nAll of these packages are available in the slackware-current directory\non ftp.slackware.com:\n\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/groff-1.19.1-i486-3.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/kde/kdebase-3.4.2-i486-2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/mod_ssl-2.8.24_1.3.33-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssh-4.2p1-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/kde/kdeedu-3.4.2-i486-2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-4.4.0-i486-3.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/gaim-1.5.0-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/testing/packages/php-5.0.4/php-5.0.4-i486-3.tgz\n\nA .asc file is provided 
next to each package. This can be used along\nwith 'gpg --verify' to verify the integrity of the packages.", "published": "2005-09-08T15:55:02", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.651553", "cvelist": ["CVE-2005-2700", "CVE-2005-2498", "CVE-2005-2494", "CVE-2005-2370", "CVE-2005-2103", "CVE-2004-0969", "CVE-2005-2491", "CVE-2005-2102"], "lastseen": "2018-02-02T18:11:38"}], "freebsd": [{"id": "3B4A6982-0B24-11DA-BC08-0001020EED82", "type": "freebsd", "title": "libgadu -- multiple vulnerabilities", "description": "\nWojtek Kaniewski reports:\n\nMultiple vulnerabilities have been found in libgadu, a\n\t library for handling Gadu-Gadu instant messaging\n\t protocol. It is a part of ekg, a Gadu-Gadu client, but is\n\t widely used in other clients. Also some of the user\n\t contributed scripts were found to behave in an insecure\n\t manner.\n\ninteger overflow in libgadu (CVE-2005-1852) that could\n\t be triggered by an incoming message and lead to\n\t application crash and/or remote code execution\ninsecure file creation (CVE-2005-1850) and shell\n\t command injection (CVE-2005-1851) in other user\n\t contributed scripts (discovered by Marcin Owsiany and\n\t Wojtek Kaniewski)\nseveral signedness errors in libgadu that could be\n\t triggered by an incoming network data or an application\n\t passing invalid user input to the library\nmemory alignment errors in libgadu that could be\n\t triggered by an incoming message and lead to bus errors\n\t on architectures like SPARC\nendianness errors in libgadu that could cause invalid\n\t behaviour of applications on big-endian\n\t architectures\n\n\n", "published": "2005-07-21T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": 
"https://vuxml.freebsd.org/freebsd/3b4a6982-0b24-11da-bc08-0001020eed82.html", "cvelist": ["CVE-2005-1852", "CVE-2005-2448", "CVE-2005-1850", "CVE-2005-2370", "CVE-2005-2369", "CVE-2005-1851"], "lastseen": "2016-09-26T17:25:12"}, {"id": "6D1761D2-0B23-11DA-BC08-0001020EED82", "type": "freebsd", "title": "gaim -- AIM/ICQ away message buffer overflow", "description": "\nThe GAIM team reports:\n\nA remote AIM or ICQ user can cause a buffer overflow in\n\t Gaim by setting an away message containing many AIM\n\t substitution strings (such as %t or %n).\n\n", "published": "2005-08-09T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/6d1761d2-0b23-11da-bc08-0001020eed82.html", "cvelist": ["CVE-2005-2103"], "lastseen": "2016-09-26T17:25:12"}, {"id": "09DB2844-0B21-11DA-BC08-0001020EED82", "type": "freebsd", "title": "gaim -- AIM/ICQ non-UTF-8 filename crash", "description": "\nThe GAIM team reports:\n\nA remote user could cause Gaim to crash on some systems\n\t by sending the Gaim user a file whose filename contains\n\t certain invalid characters. It is unknown what combination\n\t of systems are affected, but it is suspected that Windows\n\t users and systems with older versions of GTK+ are\n\t especially susceptible.\n\n", "published": "2005-08-09T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://vuxml.freebsd.org/freebsd/09db2844-0b21-11da-bc08-0001020eed82.html", "cvelist": ["CVE-2005-2102"], "lastseen": "2016-09-26T17:25:12"}], "gentoo": [{"id": "GLSA-200508-06", "type": "gentoo", "title": "Gaim: Remote execution of arbitrary code", "description": "### Background\n\nGaim is a full featured instant messaging client which handles a variety of instant messaging protocols. 
\n\n### Description\n\nBrandon Perry discovered that Gaim is vulnerable to a heap-based buffer overflow when handling away messages (CAN-2005-2103). Furthermore, Daniel Atallah discovered a vulnerability in the handling of file transfers (CAN-2005-2102). \n\n### Impact\n\nA remote attacker could create a specially crafted away message which, when viewed by the target user, could lead to the execution of arbitrary code. Also, an attacker could send a file with a non-UTF8 filename to a user, which would result in a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Gaim users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-im/gaim-1.5.0\"", "published": "2005-08-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://security.gentoo.org/glsa/200508-06", "cvelist": ["CVE-2005-2103", "CVE-2005-2102"], "lastseen": "2016-09-06T19:46:17"}]}}