Trillian DirectIM Packet Remote Overflow

high Nessus Plugin ID 12076

Synopsis

The remote Windows host contains an instant messaging client that is vulnerable to a buffer overflow attack.

Description

An integer buffer overflow exists in the AOL Instant Messenger (AIM) component of the version of Trillian instant messaging client installed on the remote host. By sending a DirectIM packet with a size above 8k bytes, a remote attacker can potentially execute code on the affected host subject to the user's privileges.

Solution

Upgrade to Trillian 0.74 patch G or higher.

See Also

http://www.nessus.org/u?03d60de8

https://seclists.org/fulldisclosure/2004/Feb/1241

Plugin Details

Severity: High

ID: 12076

File Name: trillian_patchg.nasl

Version: 1.19

Type: local

Agent: windows

Family: Windows

Published: 2/25/2004

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: High

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:trillian:trillian

Required KB Items: SMB/Registry/Enumerated

Vulnerability Publication Date: 2/24/2004

Reference Information

CVE: CVE-2004-2304