Short Name | CHAT:AIM:OVERFLOW:AWAY-FS
Severity | Major
Recommended | No
Recommended Action | Drop
Category | CHAT
Keywords | Away Message Overflow
Release Date | 2006/10/09
Update Number | 1213
Supported Platforms | idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
AIM: Away Message Overflow
This signature detects abnormally large AIM messages containing format string characters. Malicious users can craft messages to overflow a buffer on some Instant Messenger clients. A successful attack can allow code execution.
Extended Description
Gaim is prone to multiple vulnerabilities affecting the AIM and ICQ protocols. These issues may allow remote attackers to trigger a buffer overflow or a denial-of-service condition.
All versions of Gaim 1.x are considered vulnerable at the moment.
Affected Products
- Conectiva linux 10.0.0
- Gentoo linux
- Mandriva corporate_server 3.0.0
- Mandriva corporate_server 3.0.0 X86 64
- Mandriva linux_mandrake 10.1.0
- Mandriva linux_mandrake 10.1.0 X86 64
- Mandriva linux_mandrake 10.2.0
- Mandriva linux_mandrake 10.2.0 X86 64
- Red_hat advanced_workstation_for_the_itanium_processor 2.1.0
- Red_hat advanced_workstation_for_the_itanium_processor 2.1.0 IA64
- Red_hat desktop 4.0.0
- Red_hat enterprise_linux_as 2.1
- Red_hat enterprise_linux_as 2.1 IA64
- Red_hat enterprise_linux_es 2.1
- Red_hat enterprise_linux_es 2.1 IA64
- Red_hat enterprise_linux_ws 2.1
- Red_hat enterprise_linux_ws 2.1 IA64
- Red_hat fedora Core1
- Red_hat fedora Core2
- Red_hat fedora Core3
- Red_hat fedora Core4
- Red_hat linux 7.3.0
- Red_hat linux 7.3.0 I386
- Red_hat linux 7.3.0 I686
- Red_hat linux 9.0.0 I386
- Rob_flynn gaim 1.0.0
- Rob_flynn gaim 1.0.1
- Rob_flynn gaim 1.0.2
- Rob_flynn gaim 1.1.1
- Rob_flynn gaim 1.1.2
- Rob_flynn gaim 1.1.3
- Rob_flynn gaim 1.1.4
- Rob_flynn gaim 1.2.0
- Rob_flynn gaim 1.2.1
- Rob_flynn gaim 1.3.0 .0
- Rob_flynn gaim 1.3.1
- Sgi propack 3.0.0 SP6
- Slackware linux 10.0.0
- Slackware linux 10.1.0
- Slackware linux 9.0.0
- Slackware linux 9.1.0
- Slackware linux -Current
- Suse linux_desktop 1.0.0
- Suse linux_enterprise_server_for_s/390 9.0.0
- Suse linux_enterprise_server_for_s/390
- Suse linux_personal 8.2.0
- Suse linux_personal 9.0.0
- Suse linux_personal 9.0.0 X86 64
- Suse linux_personal 9.1.0
- Suse linux_personal 9.1.0 X86 64
- Suse linux_personal 9.2.0
- Suse linux_personal 9.2.0 X86 64
- Suse linux_personal 9.3.0
- Suse linux_personal 9.3.0 X86 64
- Suse linux_professional 7.3.0
- Suse linux_professional 8.2.0
- Suse linux_professional 9.0.0
- Suse linux_professional 9.0.0 X86 64
- Suse linux_professional 9.1.0
- Suse linux_professional 9.1.0 X86 64
- Suse linux_professional 9.2.0
- Suse linux_professional 9.2.0 X86 64
- Suse linux_professional 9.3.0
- Suse linux_professional 9.3.0 X86 64
- Suse novell_linux_desktop 9.0.0
- Suse open-enterprise-server 9.0.0
- Suse suse_linux_enterprise_server 7
- Suse suse_linux_enterprise_server 8
- Suse suse_linux_enterprise_server 9
- Suse suse_linux_retail_solution 8.0.0
- Suse suse_linux_school_server_for_i386
- Suse suse_linux_standard_server 8.0.0
- Ubuntu ubuntu_linux 4.1.0 Ia32
- Ubuntu ubuntu_linux 4.1.0 Ia64
- Ubuntu ubuntu_linux 4.1.0 Ppc
- Ubuntu ubuntu_linux 5.0.0 4 Amd64
- Ubuntu ubuntu_linux 5.0.0 4 I386
- Ubuntu ubuntu_linux 5.0.0 4 Powerpc