Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 160834

Summary: Gaim Denial of Service
Product: [Retired] Fedora Legacy Reporter: John Dalbec <jpdalbec>
Component: gaimAssignee: Fedora Legacy Bugs <bugs>
Status: CLOSED DUPLICATE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: rhl7.3   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
URL: http://gaim.sourceforge.net/security/index.php?id=18
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-07-28 23:27:44 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description John Dalbec 2005-06-17 18:47:46 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20050519 Netscape/8.0.1

Description of problem:
05.24.26 CVE: CAN-2005-1269
Platform: Cross Platform
Title: Gaim Yahoo! Protocol Support File Download Denial of Service
Description: Gaim is an instant messaging client that supports
numerous protocols. Gaim is affected by a denial of service
vulnerability during the download of a file using the Yahoo! protocol.
This issue can allow remote attackers to cause an affected client to
fail. Gaim versions prior to 1.3.1 are reportedly affected by this
vulnerability.
Ref: http://gaim.sourceforge.net/security/index.php?id=18 

05.24.27 CVE: CAN-2005-1934
Platform: Cross Platform
Title: Gaim MSN Protocol Denial of Service
Description: Gaim is an instant messaging client. It is vulnerable to
a denial of service issue when handling malformed messages using the
MSN protocol. Gaim versions prior to 1.3.1 are not vulnerable.
Ref: http://gaim.sourceforge.net/security/index.php?id=19 

Version-Release number of selected component (if applicable):


How reproducible:
Didn't try


Additional info:

Comment 1 Marc Deslauriers 2005-07-28 23:27:44 UTC
We'll track this in 158543.

*** This bug has been marked as a duplicate of 158543 ***