FreeBSD : gaim -- MSN denial-of-service vulnerabilities (f2d6a5e1-26b9-11d9-9289-000c41e2cdad)
High Nessus Plugin ID 19168
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionThe Gaim team discovered denial-of-service vulnerabilities in the MSN protocol handler :
After accepting a file transfer request, Gaim will attempt to allocate a buffer of a size equal to the entire filesize, this allocation attempt will cause Gaim to crash if the size exceeds the amount of available memory.
Gaim allocates a buffer for the payload of each message received based on the size field in the header of the message. A malicious peer could specify an invalid size that exceeds the amount of available memory.
SolutionUpdate the affected packages.