RHEL 3 : gaim (RHSA-2004:400)

This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing a security update.

Description :

An updated gaim package that fixes several security issues is now
available.

Gaim is an instant messenger client that can handle multiple
protocols.

Buffer overflow bugs were found in the Gaim MSN protocol handler. In
order to exploit these bugs, an attacker would have to perform a man
in the middle attack between the MSN server and the vulnerable Gaim
client. Such an attack could allow arbitrary code execution. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-0500 to this issue.

Buffer overflow bugs have been found in the Gaim URL decoder, local
hostname resolver, and the RTF message parser. It is possible that a
remote attacker could send carefully crafted data to a vulnerable
client and lead to a crash or arbitrary code execution. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2004-0785 to this issue.

A shell escape bug has been found in the Gaim smiley theme file
installation. When a user installs a smiley theme, which is contained
within a tar file, the unarchiving of the data is done in an unsafe
manner. An attacker could create a malicious smiley theme that would
execute arbitrary commands if the theme was installed by the victim.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-0784 to this issue.

An integer overflow bug has been found in the Gaim Groupware message
receiver. It is possible that if a user connects to a malicious
server, an attacker could send carefully crafted data which could lead
to arbitrary code execution on the victims machine. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2004-0754 to this issue.

Users of Gaim are advised to upgrade to this updated package which
contains Gaim version 0.82 and is not vulnerable to these issues.

See also :

https://www.redhat.com/security/data/cve/CVE-2004-0500.html
https://www.redhat.com/security/data/cve/CVE-2004-0754.html
https://www.redhat.com/security/data/cve/CVE-2004-0784.html
https://www.redhat.com/security/data/cve/CVE-2004-0785.html
http://gaim.sourceforge.net/security/?id=0
http://gaim.sourceforge.net/security/?id=1
http://gaim.sourceforge.net/security/?id=2
http://gaim.sourceforge.net/security/?id=3
http://gaim.sourceforge.net/security/?id=4
http://gaim.sourceforge.net/security/?id=5
http://gaim.sourceforge.net/security/?id=6
http://rhn.redhat.com/errata/RHSA-2004-400.html

Solution :

Update the affected gaim package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Red Hat Local Security Checks

Nessus Plugin ID: 14696 ()

Bugtraq ID:

CVE ID: CVE-2004-0500
CVE-2004-0754
CVE-2004-0784
CVE-2004-0785