copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
 
Search this site

 
On this site

 > HOME
 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login





 

ESB-2005.0621 -- RHSA-2005:627-01 -- Critical: gaim security update

Date: 10 August 2005
References: ESB-2005.0719  

Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                     ESB-2005.0621 -- RHSA-2005:627-01
                      Critical: gaim security update
                              10 August 2005

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Gaim
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux AS/ES/WS 4
                   Red Hat Enterprise Linux Desktop 4
                   Red Hat Enterprise Linux AS/ES/WS 3
                   Red Hat Desktop 3
                   UNIX variants
                   Windows
Impact:            Execute Arbitrary Code/Commands
Access:            Remote/Unauthenticated
CVE Names:         CAN-2005-2370 CAN-2005-2103 CAN-2005-2102

Original Bulletin: https://rhn.redhat.com/errata/RHSA-2005-627.html

Comment: This advisory references vulnerabilities in products which run on
         platforms other than RedHat. It is recommended that administrators
         running Gaim check for an updated version of the software for their
         operating system.  More information is available at the vendor's
         homepage at:
         
           http://gaim.sourceforge.net/

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Critical: gaim security update
Advisory ID:       RHSA-2005:627-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2005-627.html
Issue date:        2005-08-09
Updated on:        2005-08-09
Product:           Red Hat Enterprise Linux
CVE Names:         CAN-2005-2102 CAN-2005-2103 CAN-2005-2370
- - ---------------------------------------------------------------------

1. Summary:

An updated gaim package that fixes multiple security issues is now available.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

Gaim is an Internet Messaging client.

A heap based buffer overflow issue was discovered in the way Gaim processes
away messages. A remote attacker could send a specially crafted away
message to a Gaim user logged into AIM or ICQ that could result in
arbitrary code execution. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-2103 to this issue.

Daniel Atallah discovered a denial of service issue in Gaim. A remote
attacker could attempt to upload a file with a specially crafted name to a
user logged into AIM or ICQ, causing Gaim to crash. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-2102 to this issue.

A denial of service bug was found in Gaim's Gadu Gadu protocol handler. A
remote attacker could send a specially crafted message to a Gaim user
logged into Gadu Gadu, causing Gaim to crash.  Please note that this issue
only affects PPC and IBM S/390 systems running Gaim. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-2370 to this issue.

Users of gaim are advised to upgrade to this updated package, which
contains backported patches and is not vulnerable to these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

165392 - CAN-2005-2370 gadu gadu memory alignment issue
165400 - CAN-2005-2102 gaim AIM invalid filename DoS
165402 - CAN-2005-2103 Gaim malformed away message remote code execution


6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/gaim-1.3.1-0.el3.3.src.rpm
dc0bc2cebe945bd90e85ad349909a1b6  gaim-1.3.1-0.el3.3.src.rpm

i386:
33c487f6fe88c3573f63bc4044997cad  gaim-1.3.1-0.el3.3.i386.rpm

ia64:
ab1a9e0a24a296ced5779462f46c26a5  gaim-1.3.1-0.el3.3.ia64.rpm

ppc:
2d58f880338491f34713a51db6aba3ec  gaim-1.3.1-0.el3.3.ppc.rpm

s390:
a0e34b7891936843e174ed7a50634536  gaim-1.3.1-0.el3.3.s390.rpm

s390x:
c3e794cd5b905baf5b29848e47a7b8b2  gaim-1.3.1-0.el3.3.s390x.rpm

x86_64:
5e8c3bf3eb8679f85774713462db8242  gaim-1.3.1-0.el3.3.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/gaim-1.3.1-0.el3.3.src.rpm
dc0bc2cebe945bd90e85ad349909a1b6  gaim-1.3.1-0.el3.3.src.rpm

i386:
33c487f6fe88c3573f63bc4044997cad  gaim-1.3.1-0.el3.3.i386.rpm

x86_64:
5e8c3bf3eb8679f85774713462db8242  gaim-1.3.1-0.el3.3.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/gaim-1.3.1-0.el3.3.src.rpm
dc0bc2cebe945bd90e85ad349909a1b6  gaim-1.3.1-0.el3.3.src.rpm

i386:
33c487f6fe88c3573f63bc4044997cad  gaim-1.3.1-0.el3.3.i386.rpm

ia64:
ab1a9e0a24a296ced5779462f46c26a5  gaim-1.3.1-0.el3.3.ia64.rpm

x86_64:
5e8c3bf3eb8679f85774713462db8242  gaim-1.3.1-0.el3.3.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/gaim-1.3.1-0.el3.3.src.rpm
dc0bc2cebe945bd90e85ad349909a1b6  gaim-1.3.1-0.el3.3.src.rpm

i386:
33c487f6fe88c3573f63bc4044997cad  gaim-1.3.1-0.el3.3.i386.rpm

ia64:
ab1a9e0a24a296ced5779462f46c26a5  gaim-1.3.1-0.el3.3.ia64.rpm

x86_64:
5e8c3bf3eb8679f85774713462db8242  gaim-1.3.1-0.el3.3.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/gaim-1.3.1-0.el4.3.src.rpm
0dad5d23bfa33dde0464cbe7cbe05e53  gaim-1.3.1-0.el4.3.src.rpm

i386:
c7343c6cc89f9e6e3dd30a9b918a9c8e  gaim-1.3.1-0.el4.3.i386.rpm

ia64:
717a21a30f477f71d6aac3052a6f2fcb  gaim-1.3.1-0.el4.3.ia64.rpm

ppc:
c8609fd4b5cc9801ea6cd131833da6c7  gaim-1.3.1-0.el4.3.ppc.rpm

s390:
5a2aa34b2844b9916e2f2cd2c39f6bb3  gaim-1.3.1-0.el4.3.s390.rpm

s390x:
40f2ac0065deb7cfda303d2efabbf9ac  gaim-1.3.1-0.el4.3.s390x.rpm

x86_64:
7611deb734363f6dceef660f19c3f4b9  gaim-1.3.1-0.el4.3.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/gaim-1.3.1-0.el4.3.src.rpm
0dad5d23bfa33dde0464cbe7cbe05e53  gaim-1.3.1-0.el4.3.src.rpm

i386:
c7343c6cc89f9e6e3dd30a9b918a9c8e  gaim-1.3.1-0.el4.3.i386.rpm

x86_64:
7611deb734363f6dceef660f19c3f4b9  gaim-1.3.1-0.el4.3.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/gaim-1.3.1-0.el4.3.src.rpm
0dad5d23bfa33dde0464cbe7cbe05e53  gaim-1.3.1-0.el4.3.src.rpm

i386:
c7343c6cc89f9e6e3dd30a9b918a9c8e  gaim-1.3.1-0.el4.3.i386.rpm

ia64:
717a21a30f477f71d6aac3052a6f2fcb  gaim-1.3.1-0.el4.3.ia64.rpm

x86_64:
7611deb734363f6dceef660f19c3f4b9  gaim-1.3.1-0.el4.3.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/gaim-1.3.1-0.el4.3.src.rpm
0dad5d23bfa33dde0464cbe7cbe05e53  gaim-1.3.1-0.el4.3.src.rpm

i386:
c7343c6cc89f9e6e3dd30a9b918a9c8e  gaim-1.3.1-0.el4.3.i386.rpm

ia64:
717a21a30f477f71d6aac3052a6f2fcb  gaim-1.3.1-0.el4.3.ia64.rpm

x86_64:
7611deb734363f6dceef660f19c3f4b9  gaim-1.3.1-0.el4.3.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFC+XsMXlSAg2UNWIIRAkchAJ4xRZ0K4XDogeWreByJk0PtEG2jhgCgiYM7
jnQXMv4y3qeWpjZztS/wgQQ=
=MD2b
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBQvmKYSh9+71yA2DNAQKQmAQAhnMoz3UGRR1iK8tPmGQa/mfWOcRSXKr8
QAhDJrR/EcuDp/DjZAfpD9gfuiGPlNCfgLm3pXadgBRvjyXibX06L+x1ZyIJScV6
3daO0w50Ir752u5DtvfStCYz+OdzsC2TZvf+F8hdbfPBTfldBbuYX1vrpu7XzmFF
6uDgb3zE7b0=
=cilU
-----END PGP SIGNATURE-----