RHEL 3 : gaim (RHSA-2004:033)

This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing a security update.

Description :

Updated Gaim packages that fix a number of serious vulnerabilities are
now available.

Gaim is an instant messenger client that can handle multiple
protocols.

Stefan Esser audited the Gaim source code and found a number of bugs
that have security implications. Due to the nature of instant
messaging many of these bugs require man-in-the-middle attacks between
client and server. However, at least one of the buffer overflows could
be exploited by an attacker sending a carefully-constructed malicious
message through a server.

The issues include :

Multiple buffer overflows affect Gaim 0.75 and earlier: 1) when
parsing cookies in a Yahoo web connection, 2) YMSG protocol overflows
when parsing the Yahoo login webpage, 3) a YMSG packet overflow,
4) flaws in the URL parser, and 5) flaws in HTTP Proxy connect. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-0006 to these issues.

A buffer overflow in Gaim 0.74 and earlier in the Extract Info Field
Function used for MSN and YMSG protocol handlers. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2004-0007 to this issue.

An integer overflow in Gaim 0.74 and earlier when allocating memory
for a directIM packet results in a heap overflow. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2004-0008 to this issue.

All users of Gaim should upgrade to these erratum packages, which
contain backported security patches correcting these issues.

Red Hat would like to thank Stefan Esser for finding and reporting
these issues and Jacques A. Vidrine for providing initial patches.

See also :

https://www.redhat.com/security/data/cve/CVE-2004-0006.html
https://www.redhat.com/security/data/cve/CVE-2004-0007.html
https://www.redhat.com/security/data/cve/CVE-2004-0008.html
http://rhn.redhat.com/errata/RHSA-2004-033.html

Solution :

Update the affected gaim package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Red Hat Local Security Checks

Nessus Plugin ID: 12455

CVE ID: CVE-2004-0006
CVE-2004-0007
CVE-2004-0008