oss-sec mailing list archives

Re: CVE Request (pidgin)

From: "Steven M. Christey" <coley () linus mitre org>
Date: Tue, 1 Jul 2008 17:25:40 -0400 (EDT)


Note that the UPnP functionality is characterized by the researchers as a
bandwidth/disk DoS.  I don't know much about UPnP or Pidgin, but it might
be reasonable to investigate what Pidgin does with the file once it's
downloaded the contents.

- Steve


======================================================
Name: CVE-2008-2955
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2955
Reference: BUGTRAQ:20080626 Pidgin 2.4.1 Vulnerability
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/493682/100/0/threaded
Reference: FRSIRT:ADV-2008-1947
Reference: URL:http://www.frsirt.com/english/advisories/2008/1947
Reference: SECUNIA:30881
Reference: URL:http://secunia.com/advisories/30881

Pidgin 2.4.1 allows remote attackers to cause a denial of service
(crash) via a long filename that contains certain characters, as
demonstrated using an MSN message that triggers the crash in the
msn_slplink_process_msg function.


======================================================
Name: CVE-2008-2956
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2956
Reference: MISC:http://crisp.cs.du.edu/?q=ca2007-1
Reference: MLIST:[oss-security] 20080627 CVE Request (pidgin)
Reference: URL:http://www.openwall.com/lists/oss-security/2008/06/27/3

Memory leak in Pidgin 2.0.0, and possibly other versions, allows
remote attackers to cause a denial of service (memory consumption) via
malformed XML documents.


======================================================
Name: CVE-2008-2957
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2957
Reference: MISC:http://crisp.cs.du.edu/?q=ca2007-1
Reference: MLIST:[oss-security] 20080627 CVE Request (pidgin)
Reference: URL:http://www.openwall.com/lists/oss-security/2008/06/27/3

The UPnP functionality in Pidgin 2.0.0, and possibly other versions,
allows remote attackers to trigger the download of arbitrary files and
cause a denial of service (memory or disk consumption) via a UDP
packet that specifies an arbitrary URL.

Current thread:

Re: CVE Request (pidgin) Steven M. Christey (Jul 01)
- Re: Re: CVE Request (pidgin) Nico Golde (Jul 03)
  - Re: Re: CVE Request (pidgin) Josh Bressers (Jul 03)
    - Re: Re: CVE Request (pidgin) Robert Buchholz (Jul 03)
    - Re: Re: CVE Request (pidgin) Josh Bressers (Jul 03)
- Re: Re: CVE Request (pidgin) Vincent Danen (Jul 03)
  - Re: Re: CVE Request (pidgin) Nico Golde (Jul 05)
    - Re: Re: CVE Request (pidgin) Vincent Danen (Jul 08)
- <Possible follow-ups>
- CVE Request (pidgin) Josh Bressers (Aug 05)
  - Re: CVE Request (pidgin) Steven M. Christey (Aug 07)