Date: Fri, 4 Jul 2008 00:03:44 +0200 From: Robert Buchholz <rbu@...too.org> To: oss-security@...ts.openwall.com Subject: Re: Re: CVE Request (pidgin) On Thursday 03 July 2008, Josh Bressers wrote: > On 3 July 2008, Nico Golde wrote: > > > Name: CVE-2008-2955 > > > > > > > > > Pidgin 2.4.1 allows remote attackers to cause a denial of service > > > (crash) via a long filename that contains certain characters, as > > > demonstrated using an MSN message that triggers the crash in the > > > msn_slplink_process_msg function. > > > > Did anyone try if this can be done by some random user=20 > > without authorization and if the victim needs to accept the=20 > > file first to trigger this? > > My testing showed that random users can't send files, they need to be > in your buddy list. I'm not sure if the victim needs to accept the > file or not. Last I knew, upstream was still working on this one. Our maintainer digged out these changes that are in the newly released 2.4.3: http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.c http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.c Are they incomplete? Robert
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ