Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0500

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-0500
Last Modified 21 Aug 2010 12:20:39
Published 28 Sep 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0500

Summary

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.

Vulnerable Systems

Operating System

  • Gentoo Linux 1.4

  • Mandrakesoft Mandrake Linux 10.0

  • Mandrakesoft Mandrake Linux 9.2

Application

  • Rob Flynn Gaim 0.10

  • Rob Flynn Gaim 0.10.3

  • Rob Flynn Gaim 0.50

  • Rob Flynn Gaim 0.51

  • Rob Flynn Gaim 0.52

  • Rob Flynn Gaim 0.53

  • Rob Flynn Gaim 0.54

  • Rob Flynn Gaim 0.55

  • Rob Flynn Gaim 0.56

  • Rob Flynn Gaim 0.57

  • Rob Flynn Gaim 0.58

  • Rob Flynn Gaim 0.59

  • Rob Flynn Gaim 0.59.1

  • Rob Flynn Gaim 0.60

  • Rob Flynn Gaim 0.61

  • Rob Flynn Gaim 0.62

  • Rob Flynn Gaim 0.63

  • Rob Flynn Gaim 0.64

  • Rob Flynn Gaim 0.65

  • Rob Flynn Gaim 0.66

  • Rob Flynn Gaim 0.67

  • Rob Flynn Gaim 0.68

  • Rob Flynn Gaim 0.69

  • Rob Flynn Gaim 0.70

  • Rob Flynn Gaim 0.71

  • Rob Flynn Gaim 0.72

  • Rob Flynn Gaim 0.73

  • Rob Flynn Gaim 0.74

  • Rob Flynn Gaim 0.75


References

XF - gaim-msn-bo(16920)

BID - 10865

GENTOO - GLSA-200408-12

REDHAT - RHSA-2004:400

SUSE - SUSE-SA:2004:025

MANDRAKE - MDKSA-2004:081

GENTOO - GLSA-200408-27

FEDORA - FEDORA-2004-279

FEDORA - FEDORA-2004-278

CONFIRM - http://gaim.sourceforge.net/security/?id=0


Last Updated: 27 May 2016 10:38:38