Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 4 Jul 2008 00:03:44 +0200
From: Robert Buchholz <rbu@...too.org>
To: oss-security@...ts.openwall.com
Subject: Re: Re: CVE Request (pidgin)

On Thursday 03 July 2008, Josh Bressers wrote:
> On 3 July 2008, Nico Golde wrote:
> > > Name: CVE-2008-2955
> > >
> > >
> > > Pidgin 2.4.1 allows remote attackers to cause a denial of service
> > > (crash) via a long filename that contains certain characters, as
> > > demonstrated using an MSN message that triggers the crash in the
> > > msn_slplink_process_msg function.
> >
> > Did anyone try if this can be done by some random user=20
> > without authorization and if the victim needs to accept the=20
> > file first to trigger this?
>
> My testing showed that random users can't send files, they need to be
> in your buddy list.  I'm not sure if the victim needs to accept the
> file or not.  Last I knew, upstream was still working on this one.

Our maintainer digged out these changes that are in the newly released 
2.4.3:

http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.c
http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.c

Are they incomplete?


Robert

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ