Bug 153311
Summary: | CAN-2005-0965 Gaim remote DoS issues (CAN-2005-0966) | | |
---|---|---|---|
Product: | Red Hat Enterprise Linux 4 | Reporter: | Josh Bressers <bressers> |
Component: | gaim | Assignee: | Warren Togami <wtogami> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | medium | | |
Version: | 4.0 | Keywords: | Security |
Target Milestone: | --- | | |
Target Release: | --- | | |
Hardware: | All | | |
OS: | Linux | | |
Whiteboard: | impact=important,public=20050401,reported=bugtraq,reported=20050401 | | |
Fixed In Version: | | Doc Type: | Bug Fix |
Doc Text: | | Story Points: | --- |
Clone Of: | | Environment: | |
Last Closed: | 2005-04-12 13:56:40 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | | Category: | --- |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | | | |

Description
Josh Bressers
2005-04-04 18:28:35 UTC
This issue should also affect RHEL3.
I'm not sure if this will affect RHEL2.1 (Warren, can you take a look?)

This issue does not affect RHEL2.1

======================================================
Candidate: CAN-2005-0965
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0965
Reference: BUGTRAQ:20050401 multiple remote denial of service vulnerabilities in Gaim
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=111238715307356&w=2

The gaim_markup_strip_html function in Gaim 1.2.0, and possibly earlier versions, allows remote attackers to cause a denial of service (application crash) via a string that contains malformed HTML, which causes an out-of-bounds read.

======================================================
Candidate: CAN-2005-0966
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0966
Reference: BUGTRAQ:20050401 multiple remote denial of service vulnerabilities in Gaim
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=111238715307356&w=2
Reference: CONFIRM:http://sourceforge.net/project/shownotes.php?group_id=235&release_id=317750
Reference: XF:gaim-irc-plugin-bo(19937)
Reference: URL:http://xforce.iss.net/xforce/xfdb/19937
Reference: XF:gaim-ircmsginvite-dos(19939)
Reference: URL:http://xforce.iss.net/xforce/xfdb/19939

The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions.

An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA.
For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2005-365.html