|
|
Info |
Last Modified |
| 10 months ago |
|
|
|
|
Description |
A remote overflow exists in Gaim. Gaim fails to check the length of the destination buffer, when receiveing a reply to a DNS lookup of the local host name resulting in a buffer overflow. With a specially crafted request, an attacker can compromise the system resulting in a loss of integrity.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Input Manipulation
Impact:
Loss of Integrity
Exploit:
Exploit Unknown
Disclosure:
OSVDB Verified
|
|
Technical |
If the local computers host name is not in /etc/hosts, and the computer performs a DNS query to obtain it's hostname when signing on to zephyr, it could receive a reply with a hostname greater than MAXHOSTNAMELEN (generally 64 bytes). If gethostbyname() does not ensure the size of hostent->h_name is less than MAXHOSTNAMELEN, this value would be copied to a buffer that is not large enough.
|
|
Solution |
Upgrade to version 0.82 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
|
|
Products |
|
gaim
 |
0.81 |
0.82 |
|
|
|
|
|
|
Credit |
Unknown or Incomplete
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
