FreeBSD : gaim -- malicious smiley themes (635bf5f4-26b7-11d9-9289-000c41e2cdad)
Severity: High. Nessus Plugin ID 18959

Synopsis
The remote FreeBSD host is missing one or more security-related updates.

Description
The Gaim Security Issues page documents a problem with installing smiley themes from an untrusted source:
To install a new smiley theme, a user can drag a tarball from a graphical file manager, or a hypertext link to one from a web browser.
When a tarball is dragged, Gaim executes a shell command to untar it.
However, it does not escape the filename before sending it to the shell. Thus, a specially crafted filename could execute arbitrary commands if the user could be convinced to drag a file into the smiley theme selector.
Solution
Update the affected packages.
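The defect described above is the classic "build a shell command string from an attacker-controlled filename" pattern. The following is an added illustration, not Gaim's own code: `unsafe_untar_command` is a hypothetical reconstruction of the vulnerable pattern, `filename_has_shell_metachars` shows what an escaping step would have to catch, and `safe_untar` shows the usual fix of passing the filename as a single argv element to tar with no shell in between. The sample filename is constructed.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

/* Vulnerable pattern (hypothetical reconstruction, not Gaim's code): the
   dragged filename is spliced into a shell command line, so a shell, not
   tar, decides where the filename ends and what its metacharacters mean. */
int unsafe_untar_command(const char *filename, char *cmd, size_t cmdlen)
{
    int n = snprintf(cmd, cmdlen, "tar -xzf %s", filename);
    return n > 0 && (size_t)n < cmdlen; /* 1 if the command fit */
}

/* Defensive check: does the filename contain anything a POSIX shell would
   interpret? Any hit means the string above no longer means "one file". */
int filename_has_shell_metachars(const char *filename)
{
    return strpbrk(filename, " \t\n;&|$`\"'\\<>()*?[]{}~#") != NULL;
}

/* Hardened pattern: exec tar directly with an argv array. The filename is
   one argument whatever it contains; no shell ever parses it. Returns
   tar's exit status, or -1 if the child could not be run. */
int safe_untar(const char *filename, const char *destdir)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        execlp("tar", "tar", "-xzf", filename, "-C", destdir, (char *)NULL);
        _exit(127); /* only reached if tar could not be executed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    char cmd[256];
    const char *name = "a theme.tar.gz"; /* constructed sample filename */
    unsafe_untar_command(name, cmd, sizeof cmd);
    printf("shell sees: %s\n", cmd); /* two operands, not one */
    printf("needs escaping: %d\n", filename_has_shell_metachars(name));
    printf("direct exec status: %d\n", safe_untar(name, "/tmp"));
    return 0;
}
```

With the shell-string version a filename containing a space already splits into two tar operands; with the argv version the same name reaches tar intact, so the only thing left to validate is whether the archive itself is well-formed.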