USN-168-1: Gaim vulnerabilities

Daniel Atallah discovered a Denial of Service vulnerability in the file transfer handler of OSCAR the module that handles various instant messaging protocols like ICQ. A remote attacker could crash the Gaim client of an user by attempting to send him a file with a name that contains invalid UTF-8...

FreeBSD : gaim -- MSN denial-of-service vulnerabilities (f2d6a5e1-26b9-11d9-9289-000c41e2cdad)

The Gaim team discovered denial-of-service vulnerabilities in the MSN protocol handler : After accepting a file transfer request, Gaim will attempt to allocate a buffer of a size equal to the entire filesize, this allocation attempt will cause Gaim to crash if the size exceeds the amount of...

Nokia Affix < 3.2.0 btftp Remote Client Exploit

No description provided by source. / - Tools you will probably need: - http://www.digitalmunition.com/setbd-affix.c - KF is one bad mofo /str0ke Remote Nokia Affix btftp client exploit by kflistsatsecnetopsdotcom threat: btftp Affix version: Affix 2.1.1 Wellcome to OBEX ftp. Type ? for help. Mode...

Nokia Affix 3.2.0 - btftp Remote Client

Nokia Affix 3.2.0 - btftp Remote Client / - Tools you will probably need: - http://www.digitalmunition.com/setbd-affix.c - KF is one bad mofo /str0ke Remote Nokia Affix btftp client exploit by kflistsatsecnetopsdotcom threat: btftp Affix version: Affix 2.1.1 Wellcome to OBEX ftp. Type ? for help...

gaim security update

CentOS Errata and Security Advisory CESA-2005:518 Merged security bulletin from advisories: https://lists.centos.org/pipermail/centos-announce/2005-June/074034.html https://lists.centos.org/pipermail/centos-announce/2005-June/074035.html...

GLSA-200506-11 : Gaim: Denial of Service vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200506-11 Gaim: Denial of Service vulnerabilities Jacopo Ottaviani discovered a vulnerability in the Yahoo! file transfer code when being offered files with names containing non-ASCII characters CAN-2005-1269. Hugo de Bokkenrijder...

Gaim: Denial of Service vulnerabilities

Background Gaim is a full featured instant messaging client which handles a variety of instant messaging protocols. Description Jacopo Ottaviani discovered a vulnerability in the Yahoo! file transfer code when being offered files with names containing non-ASCII characters CAN-2005-1269. Hugo de...

CVE-2005-1809

Sony Ericsson P900 Beamer is affected by CVE-2005-1809. The vulnerability occurs when an OBEX FTP session with a long filename is used in OBEX File Transfer or OBEX Object Push, triggering a denial-of-service (panic). The prime exposure vector is remote network interaction. No root-cause details ...

CVE-2005-1809

Sony Ericsson P900 Beamer allows remote attackers to cause a denial of service panic via an obexftp session with a long filename in an OBEX File Transfer or OBEX Object Push...

CVE-2005-0967

Gaim 1.2.0 allows remote attackers to cause a denial of service application crash via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read...

CVE-2005-0967

Gaim 1.2.0 allows remote attackers to cause a denial of service application crash via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read...

CVE-2005-1002

logwebftbs2000.exe in Logics Software File Transfer LOG-FT allows remote attackers to read arbitrary files via modified 1 VARFTLANG and 2 VARFTTMPL parameters...

CVE-2005-0573

Gaim 1.1.3 on Windows systems allows remote attackers to cause a denial of service client crash via a file transfer in which the filename contains "" or "" parenthesis characters...

logicsBS2000.txt

Logics Software Filetransfer from BS2000 Host to Web Client Release Date: April 4, 2005 Date noticed: March 11, 2005 Severity: High verified read access to any file and to-be-verified write access Vendor: Logics Sofware http://www.logics.de http://www.logics.de/bs2000.htm Systems Affected: All...

[SA14851] Logics Software LOG-FT File Transfer Arbitrary File Disclosure

---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: Logics Software LOG-FT File Transfer Arbitrary File...

CVE-2005-1002

The CVE-2005-1002 entry concerns logwebftbs2000.exe in Logics Software File Transfer (LOG-FT). The vulnerable component is the file-transfer web client/server, where an attacker can read arbitrary files by supplying modified parameters VAR_FT_LANG and VAR_FT_TMPL. The cited reports describe remot...

CVE-2005-1002

logwebftbs2000.exe in Logics Software File Transfer LOG-FT allows remote attackers to read arbitrary files via modified 1 VARFTLANG and 2 VARFTTMPL parameters...

CVE-2005-0967

Gaim 1.2.0 is affected by CVE-2005-0967. The issue occurs when handling a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read and causes the application to crash (denial of service). The vulnerability focuses on Jabber message/file transfer parsing; no exploit d...

Gaim: Denial of Service issues

Background Gaim is a full featured instant messaging client which handles a variety of instant messaging protocols. Description Multiple vulnerabilities have been addressed in the latest release of Gaim: A buffer overread in the gaimmarkupstriphtml function, which is used when logging conversatio...

gaim -- jabber remote crash

The GAIM team reports: A remote jabber user can cause Gaim to crash by sending a specific file transfer request...