LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: November 21st, 2014
Linux Security Week: November 17th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: Subject: [Security Announce] [ MDVSA-2009:230 ] pidgin Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake Security vulnerabilities has been identified and fixed in pidgin: The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by sending multiple crafted SLP (aka MSNSLP) messages to trigger an overwrite of an arbitrary memory location. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1376 (CVE-2009-2694). Unspecified vulnerability in Pidgin 2.6.0 allows remote attackers to cause a denial of service (crash) via a link in a Yahoo IM (CVE-2009-3025) protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the require TLS/SSL preference when connecting to older Jabber servers that do not follow the XMPP specification, which causes libpurple to connect to the server without the expected encryption and allows remote attackers to sniff sessions (CVE-2009-3026). libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string (CVE-2009-2703). The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client (CVE-2009-3083). The msn_slp_process_msg function in libpurple/protocols/msn/slpcall.c in the MSN protocol plugin in libpurple 2.6.0 and 2.6.1, as used in Pidgin before 2.6.2, allows remote attackers to cause a denial of service (application crash) via a handwritten (aka Ink) message, related to an uninitialized variable and the incorrect UTF16-LE charset name (CVE-2009-3084). The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service (application crash) via XHTML-IM content with cid: images (CVE-2009-3085). This update provides pidgin 2.6.2, which is not vulnerable to these issues.
 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:230
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : pidgin
 Date    : September 11, 2009
 Affected: 2009.0, 2009.1, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 Security vulnerabilities has been identified and fixed in pidgin:
 
 The msn_slplink_process_msg function in
 libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin
 (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows
 remote attackers to execute arbitrary code or cause a denial of service
 (memory corruption and application crash) by sending multiple crafted
 SLP (aka MSNSLP) messages to trigger an overwrite of an arbitrary
 memory location.  NOTE: this issue reportedly exists because of an
 incomplete fix for CVE-2009-1376 (CVE-2009-2694).
 
 Unspecified vulnerability in Pidgin 2.6.0 allows remote attackers
 to cause a denial of service (crash) via a link in a Yahoo IM
 (CVE-2009-3025)
 
 protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly
 other versions, does not follow the require TLS/SSL preference
 when connecting to older Jabber servers that do not follow the XMPP
 specification, which causes libpurple to connect to the server without
 the expected encryption and allows remote attackers to sniff sessions
 (CVE-2009-3026).
 
 libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple
 in Pidgin before 2.6.2 allows remote IRC servers to cause a denial
 of service (NULL pointer dereference and application crash) via a
 TOPIC message that lacks a topic string (CVE-2009-2703).
 
 The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the
 MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote
 attackers to cause a denial of service (NULL pointer dereference
 and application crash) via an SLP invite message that lacks certain
 required fields, as demonstrated by a malformed message from a KMess
 client (CVE-2009-3083).
 
 The msn_slp_process_msg function in libpurple/protocols/msn/slpcall.c
 in the MSN protocol plugin in libpurple 2.6.0 and 2.6.1, as used in
 Pidgin before 2.6.2, allows remote attackers to cause a denial of
 service (application crash) via a handwritten (aka Ink) message,
 related to an uninitialized variable and the incorrect UTF16-LE
 charset name (CVE-2009-3084).
 
 The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does
 not properly handle an error IQ stanza during an attempted fetch of
 a custom smiley, which allows remote attackers to cause a denial of
 service (application crash) via XHTML-IM content with cid: images
 (CVE-2009-3085).
 
 This update provides pidgin 2.6.2, which is not vulnerable to these
 issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2694
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3025
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3026
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2703
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3083
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3084
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3085
 http://pidgin.im/news/security/
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.0:
 dd2135de88f01028217b4146dbfdabc0  2009.0/i586/finch-2.6.2-1.1mdv2009.0.i586.rpm
 0a62ef0d115db1d059ba8683d8b78543  2009.0/i586/libfinch0-2.6.2-1.1mdv2009.0.i586.rpm
 d9138da684311ab0e77748b5d9251324  2009.0/i586/libpurple0-2.6.2-1.1mdv2009.0.i586.rpm
 a795ae8b0a6d37dae3cdd5d626a1054b  2009.0/i586/libpurple-devel-2.6.2-1.1mdv2009.0.i586.rpm
 e02ee9ac19b50b6313ab7e95955fc7dd  2009.0/i586/pidgin-2.6.2-1.1mdv2009.0.i586.rpm
 d9da1b8df1a61a3c6a61fb661d0af935  2009.0/i586/pidgin-bonjour-2.6.2-1.1mdv2009.0.i586.rpm
 fa74aa490a4a78a443f78273bd80c129  2009.0/i586/pidgin-client-2.6.2-1.1mdv2009.0.i586.rpm
 fba34f0c6056aaeda170fb38bafc50f8  2009.0/i586/pidgin-gevolution-2.6.2-1.1mdv2009.0.i586.rpm
 aa062eba94ee8a8857241879f83bb680  2009.0/i586/pidgin-i18n-2.6.2-1.1mdv2009.0.i586.rpm
 3583204db49425789559de87f9c20e84  2009.0/i586/pidgin-meanwhile-2.6.2-1.1mdv2009.0.i586.rpm
 83e2b09d13dc5880ce3779a659fa6edd  2009.0/i586/pidgin-mono-2.6.2-1.1mdv2009.0.i586.rpm
 13115c52a371163466c9f8fb02c3b3f1  2009.0/i586/pidgin-perl-2.6.2-1.1mdv2009.0.i586.rpm
 57c8369439d8ac73444f881e47bc7c7b  2009.0/i586/pidgin-plugins-2.6.2-1.1mdv2009.0.i586.rpm
 1fe519efa96037e5b95360e6967fa872  2009.0/i586/pidgin-silc-2.6.2-1.1mdv2009.0.i586.rpm
 ab47db7786ec117a66317dc91328117c  2009.0/i586/pidgin-tcl-2.6.2-1.1mdv2009.0.i586.rpm 
 3c72a8f93d85a71a5ec62065c71ac866  2009.0/SRPMS/pidgin-2.6.2-1.1mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 abe40e3b46e70d0f74c5b4195d4a7573  2009.0/x86_64/finch-2.6.2-1.1mdv2009.0.x86_64.rpm
 1895ed3c44f5eb3bf08bba3d0d44329a  2009.0/x86_64/lib64finch0-2.6.2-1.1mdv2009.0.x86_64.rpm
 16bcdf679539693dea8d115d6f4f57fa  2009.0/x86_64/lib64purple0-2.6.2-1.1mdv2009.0.x86_64.rpm
 5359a59e9ddd524f3fe2e61374391e6c  2009.0/x86_64/lib64purple-devel-2.6.2-1.1mdv2009.0.x86_64.rpm
 c59fedcacf46d230776c1fa588d2370d  2009.0/x86_64/pidgin-2.6.2-1.1mdv2009.0.x86_64.rpm
 e4f7f1dded3d1de9ba3a7cb3251382ab  2009.0/x86_64/pidgin-bonjour-2.6.2-1.1mdv2009.0.x86_64.rpm
 9c8326b381dc152f4121ab43104fca70  2009.0/x86_64/pidgin-client-2.6.2-1.1mdv2009.0.x86_64.rpm
 c7f718a011414a1c2a30dc3c765fa57f  2009.0/x86_64/pidgin-gevolution-2.6.2-1.1mdv2009.0.x86_64.rpm
 5a272130a6b76313263567fa4e4eb405  2009.0/x86_64/pidgin-i18n-2.6.2-1.1mdv2009.0.x86_64.rpm
 c7ca5393d5b3c26c7969e1935f0f081f  2009.0/x86_64/pidgin-meanwhile-2.6.2-1.1mdv2009.0.x86_64.rpm
 a352742a2c74ab2dee0fe923d8088b09  2009.0/x86_64/pidgin-mono-2.6.2-1.1mdv2009.0.x86_64.rpm
 3a7ea7015ba7e4631629a6561969c5f1  2009.0/x86_64/pidgin-perl-2.6.2-1.1mdv2009.0.x86_64.rpm
 673250d99488d52ac182234a977270c5  2009.0/x86_64/pidgin-plugins-2.6.2-1.1mdv2009.0.x86_64.rpm
 b0b24b820b40b8ae0ea50b861cb24816  2009.0/x86_64/pidgin-silc-2.6.2-1.1mdv2009.0.x86_64.rpm
 cde1df5b06fdd9a7f3abdacd519a4ded  2009.0/x86_64/pidgin-tcl-2.6.2-1.1mdv2009.0.x86_64.rpm 
 3c72a8f93d85a71a5ec62065c71ac866  2009.0/SRPMS/pidgin-2.6.2-1.1mdv2009.0.src.rpm

 Mandriva Linux 2009.1:
 a0dae5ebcc277d8a42dfbbbc273e2e7c  2009.1/i586/finch-2.6.2-1.1mdv2009.1.i586.rpm
 3e31c84ecf92b24da7e63fda3e6bc57e  2009.1/i586/libfinch0-2.6.2-1.1mdv2009.1.i586.rpm
 6c2e1b9d19fc77f438517512666d8015  2009.1/i586/libpurple0-2.6.2-1.1mdv2009.1.i586.rpm
 924014945b93ced26931d96e7872b2ae  2009.1/i586/libpurple-devel-2.6.2-1.1mdv2009.1.i586.rpm
 0c78dd3ef63b1e14bc1f881a8c15fecb  2009.1/i586/pidgin-2.6.2-1.1mdv2009.1.i586.rpm
 3038bfbd661e5d467dec2c2ac9550b16  2009.1/i586/pidgin-bonjour-2.6.2-1.1mdv2009.1.i586.rpm
 ea7a7a8d951f6deb0d68cfc162868a6a  2009.1/i586/pidgin-client-2.6.2-1.1mdv2009.1.i586.rpm
 cb312d06aa0365d38e393c7625171e62  2009.1/i586/pidgin-gevolution-2.6.2-1.1mdv2009.1.i586.rpm
 c8bfc1d06999ea0db358cbb008e51094  2009.1/i586/pidgin-i18n-2.6.2-1.1mdv2009.1.i586.rpm
 b46996777660d0818dc1c3987ab698dc  2009.1/i586/pidgin-meanwhile-2.6.2-1.1mdv2009.1.i586.rpm
 c761eb32c26ffd738b2ad3b61f78c011  2009.1/i586/pidgin-mono-2.6.2-1.1mdv2009.1.i586.rpm
 aaba734ce1fd0425395132ce28e76c6b  2009.1/i586/pidgin-perl-2.6.2-1.1mdv2009.1.i586.rpm
 4b7f6d886dda8a7e89a56e6cd459b888  2009.1/i586/pidgin-plugins-2.6.2-1.1mdv2009.1.i586.rpm
 28c71dbe522e6c2315c0092b5c68f6a6  2009.1/i586/pidgin-silc-2.6.2-1.1mdv2009.1.i586.rpm
 0aaa2db43643a3f2a471b5d29b89e794  2009.1/i586/pidgin-tcl-2.6.2-1.1mdv2009.1.i586.rpm 
 3607769d564d6cead9e66ddc97e90c26  2009.1/SRPMS/pidgin-2.6.2-1.1mdv2009.1.src.rpm

 Mandriva Linux 2009.1/X86_64:
 5996a662fd63ef72540432b9e723e376  2009.1/x86_64/finch-2.6.2-1.1mdv2009.1.x86_64.rpm
 5daefd3daff1323ae6befca7ffeccf6d  2009.1/x86_64/lib64finch0-2.6.2-1.1mdv2009.1.x86_64.rpm
 29c6cff6af5047f1c1e8c0e9cab1b343  2009.1/x86_64/lib64purple0-2.6.2-1.1mdv2009.1.x86_64.rpm
 129363e98df30501bb591131f3b71974  2009.1/x86_64/lib64purple-devel-2.6.2-1.1mdv2009.1.x86_64.rpm
 1dca4950a84ee467a1db32e33c272493  2009.1/x86_64/pidgin-2.6.2-1.1mdv2009.1.x86_64.rpm
 efc25c6b71ae970de073641feed3d222  2009.1/x86_64/pidgin-bonjour-2.6.2-1.1mdv2009.1.x86_64.rpm
 f57802d311e6676c359db58ce4f6c898  2009.1/x86_64/pidgin-client-2.6.2-1.1mdv2009.1.x86_64.rpm
 3673312d1746554834679c0dd66f900a  2009.1/x86_64/pidgin-gevolution-2.6.2-1.1mdv2009.1.x86_64.rpm
 6b4edbc3cbd95c4b73f199ec3dd07544  2009.1/x86_64/pidgin-i18n-2.6.2-1.1mdv2009.1.x86_64.rpm
 07ddc3ebd9baa319fa42327ace7a51c1  2009.1/x86_64/pidgin-meanwhile-2.6.2-1.1mdv2009.1.x86_64.rpm
 d3c41c1ef9cd7baa9febd7d073ef09a4  2009.1/x86_64/pidgin-mono-2.6.2-1.1mdv2009.1.x86_64.rpm
 6ce2b600ff76999460c7e8ed7ef81904  2009.1/x86_64/pidgin-perl-2.6.2-1.1mdv2009.1.x86_64.rpm
 d8be6a2e6bbba229edd7d7abcbf2ef76  2009.1/x86_64/pidgin-plugins-2.6.2-1.1mdv2009.1.x86_64.rpm
 7ae3fdc1561a478052e2a3fe65488966  2009.1/x86_64/pidgin-silc-2.6.2-1.1mdv2009.1.x86_64.rpm
 308d2a35011d9093973b393199de7393  2009.1/x86_64/pidgin-tcl-2.6.2-1.1mdv2009.1.x86_64.rpm 
 3607769d564d6cead9e66ddc97e90c26  2009.1/SRPMS/pidgin-2.6.2-1.1mdv2009.1.src.rpm

 Mandriva Enterprise Server 5:
 6a1a28fb7bb3037ae1528e792417300b  mes5/i586/finch-2.6.2-1.1mdvmes5.i586.rpm
 7f56781f36c71c0839741b728586ef85  mes5/i586/libfinch0-2.6.2-1.1mdvmes5.i586.rpm
 f45ee50ed79e8101375a9236f937d658  mes5/i586/libpurple0-2.6.2-1.1mdvmes5.i586.rpm
 b0455640d7149d9ad025ae42fce61b72  mes5/i586/libpurple-devel-2.6.2-1.1mdvmes5.i586.rpm
 487fa34cda5ebd172673c4232a3009d3  mes5/i586/pidgin-2.6.2-1.1mdvmes5.i586.rpm
 38220a322dc8b3fc2a264fb2bae2e54f  mes5/i586/pidgin-bonjour-2.6.2-1.1mdvmes5.i586.rpm
 9a6d4add9297029d774a3f4483be769f  mes5/i586/pidgin-client-2.6.2-1.1mdvmes5.i586.rpm
 5b4b62dd8555dc4b43d475c5dc04ff37  mes5/i586/pidgin-gevolution-2.6.2-1.1mdvmes5.i586.rpm
 adb1072ce88c0a95afb2a41b07471f69  mes5/i586/pidgin-i18n-2.6.2-1.1mdvmes5.i586.rpm
 3f2d24e39f650e1ce198b3555881d52f  mes5/i586/pidgin-meanwhile-2.6.2-1.1mdvmes5.i586.rpm
 70cc2085acb78b0a75df07c8d44122a6  mes5/i586/pidgin-mono-2.6.2-1.1mdvmes5.i586.rpm
 2fc80c8e5d350ea77dbaf3bf53e738c9  mes5/i586/pidgin-perl-2.6.2-1.1mdvmes5.i586.rpm
 9bb6bb95f035abec1d8db99fb7a95a94  mes5/i586/pidgin-plugins-2.6.2-1.1mdvmes5.i586.rpm
 0e8e10245b3b2b2793e9830ebad65c9f  mes5/i586/pidgin-silc-2.6.2-1.1mdvmes5.i586.rpm
 87005bd59df0e60db09773f5ad51c65c  mes5/i586/pidgin-tcl-2.6.2-1.1mdvmes5.i586.rpm 
 c5ba16d383624512a2accea0e49127e1  mes5/SRPMS/pidgin-2.6.2-1.1mdvmes5.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 48559a9fbd602829a9018da470c737b7  mes5/x86_64/finch-2.6.2-1.1mdvmes5.x86_64.rpm
 efc52b721d74bd54957d8381160930ae  mes5/x86_64/lib64finch0-2.6.2-1.1mdvmes5.x86_64.rpm
 cfa40992e6268de48742d863937a3ce5  mes5/x86_64/lib64purple0-2.6.2-1.1mdvmes5.x86_64.rpm
 551c32363db750e426e3ba6aa482aa1b  mes5/x86_64/lib64purple-devel-2.6.2-1.1mdvmes5.x86_64.rpm
 f772d231fa7f5bfa83d7448b977ac9e4  mes5/x86_64/pidgin-2.6.2-1.1mdvmes5.x86_64.rpm
 5e36d866ed4aead171f62b0ff52f86de  mes5/x86_64/pidgin-bonjour-2.6.2-1.1mdvmes5.x86_64.rpm
 8e93da5c587e1fc463c23a1e202c506f  mes5/x86_64/pidgin-client-2.6.2-1.1mdvmes5.x86_64.rpm
 35a37384b53cb597b796ce269b947c0c  mes5/x86_64/pidgin-gevolution-2.6.2-1.1mdvmes5.x86_64.rpm
 6d8a79d2da3c94034e9db65464304cba  mes5/x86_64/pidgin-i18n-2.6.2-1.1mdvmes5.x86_64.rpm
 be05186873330aca1a05143c7380b5e1  mes5/x86_64/pidgin-meanwhile-2.6.2-1.1mdvmes5.x86_64.rpm
 669c51511f0c04f40779dd73e0c9f50d  mes5/x86_64/pidgin-mono-2.6.2-1.1mdvmes5.x86_64.rpm
 79bd83d747fa3e48d2ce18e8e5abb588  mes5/x86_64/pidgin-perl-2.6.2-1.1mdvmes5.x86_64.rpm
 48eb4e61676abc78e769a0f660148814  mes5/x86_64/pidgin-plugins-2.6.2-1.1mdvmes5.x86_64.rpm
 6c37ac6cbf4e83b8a4e09bfc62776d73  mes5/x86_64/pidgin-silc-2.6.2-1.1mdvmes5.x86_64.rpm
 47262f2e661db28512c40710d9a59113  mes5/x86_64/pidgin-tcl-2.6.2-1.1mdvmes5.x86_64.rpm 
 c5ba16d383624512a2accea0e49127e1  mes5/SRPMS/pidgin-2.6.2-1.1mdvmes5.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.