Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 CHAT:AIM:OVERFLOW:URL

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 CHAT

Release Date

 2005/06/10

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+

AIM: Overly Long URL Sent


This signature detects attempts to exploit a known vulnerability in chat clients. Attackers can include an abnormally long URL within an AIM chat session to execute arbitrary code with privileges of the chat client user, sometimes administrator.

Extended Description

Gaim is susceptible to a remote buffer-overflow vulnerability when handling long URIs. This issue is due to the application's failure to properly bounds-check user-supplied input data before copying it to a fixed-size stack buffer. Due to Gaim's multiple protocol support and to the nature of the differing IM protocols, only some of the IM networks are reported vulnerable (because of the message-length limits imposed by the IM networks). Currently, the Jabber and SILC IM network protocols are known to be vulnerable. Other protocols may also be affected. This vulnerability allows remote attackers to execute arbitrary machine code in the context of the affected application. Gaim versions prior to 1.3.0 are vulnerable to this issue.

Affected Products

  • Conectiva Linux 10.0.0
  • Conectiva Linux 9.0.0
  • Mandriva Linux Mandrake 10.2.0
  • Mandriva Linux Mandrake 10.2.0 X86 64
  • Red Hat Fedora Core1
  • Red Hat Fedora Core2
  • Red Hat Linux 7.3.0
  • Red Hat Linux 7.3.0 I386
  • Red Hat Linux 7.3.0 I686
  • Red Hat Linux 9.0.0 I386
  • Rob Flynn Gaim 0.10.0 X
  • Rob Flynn Gaim 0.10.3
  • Rob Flynn Gaim 0.50.0
  • Rob Flynn Gaim 0.51.0
  • Rob Flynn Gaim 0.52.0
  • Rob Flynn Gaim 0.53.0
  • Rob Flynn Gaim 0.54.0
  • Rob Flynn Gaim 0.55.0
  • Rob Flynn Gaim 0.56.0
  • Rob Flynn Gaim 0.57.0
  • Rob Flynn Gaim 0.58.0
  • Rob Flynn Gaim 0.59.0
  • Rob Flynn Gaim 0.59.1
  • Rob Flynn Gaim 0.60.0
  • Rob Flynn Gaim 0.61.0
  • Rob Flynn Gaim 0.62.0
  • Rob Flynn Gaim 0.63.0
  • Rob Flynn Gaim 0.64.0
  • Rob Flynn Gaim 0.65.0
  • Rob Flynn Gaim 0.66.0
  • Rob Flynn Gaim 0.67.0
  • Rob Flynn Gaim 0.68.0
  • Rob Flynn Gaim 0.69.0
  • Rob Flynn Gaim 0.70.0
  • Rob Flynn Gaim 0.71.0
  • Rob Flynn Gaim 0.72.0
  • Rob Flynn Gaim 0.73.0
  • Rob Flynn Gaim 0.74.0
  • Rob Flynn Gaim 0.75.0
  • Rob Flynn Gaim 0.78.0
  • Rob Flynn Gaim 0.82.0
  • Rob Flynn Gaim 0.82.1
  • Rob Flynn Gaim 1.0.0
  • Rob Flynn Gaim 1.0.1
  • Rob Flynn Gaim 1.0.2
  • Rob Flynn Gaim 1.1.1
  • Rob Flynn Gaim 1.1.2
  • Rob Flynn Gaim 1.1.3
  • Rob Flynn Gaim 1.1.4
  • Rob Flynn Gaim 1.2.0
  • Rob Flynn Gaim 1.2.1
  • SGI ProPack 3.0.0
  • SuSE Linux 1.0.0
  • SuSE Linux 2.0.0
  • SuSE Linux 3.0.0
  • SuSE Linux 4.0.0
  • SuSE Linux 4.2.0
  • SuSE Linux 4.3.0
  • SuSE Linux 4.4.0
  • SuSE Linux 4.4.1
  • SuSE Linux 5.0.0
  • SuSE Linux 5.1.0
  • SuSE Linux 5.2.0
  • SuSE Linux 5.3.0
  • SuSE Linux 6.0.0
  • SuSE Linux 6.1.0
  • SuSE Linux 6.1.0 alpha
  • SuSE Linux 6.2.0
  • SuSE Linux 6.3.0
  • SuSE Linux 6.3.0 alpha
  • SuSE Linux 6.3.0 ppc
  • SuSE Linux 6.4.0
  • SuSE Linux 6.4.0 Alpha
  • SuSE Linux 6.4.0 i386
  • SuSE Linux 6.4.0 ppc
  • SuSE Linux 7.0.0
  • SuSE Linux 7.0.0 Alpha
  • SuSE Linux 7.0.0 i386
  • SuSE Linux 7.0.0 ppc
  • SuSE Linux 7.0.0 sparc
  • SuSE Linux 7.1.0
  • SuSE Linux 7.1.0 Alpha
  • SuSE Linux 7.1.0 ppc
  • SuSE Linux 7.1.0 sparc
  • SuSE Linux 7.1.0 x86
  • SuSE Linux 7.2.0
  • SuSE Linux 7.2.0 i386
  • SuSE Linux 7.3.0
  • SuSE Linux 7.3.0 i386
  • SuSE Linux 7.3.0 ppc
  • SuSE Linux 7.3.0 sparc
  • SuSE Linux 8.0.0
  • SuSE Linux 8.0.0 i386
  • SuSE Linux 8.1.0
  • SuSE Linux Connectivity Server
  • SuSE Linux Database Server
  • SuSE Linux Desktop 1.0.0
  • SuSE Linux Enterprise Server for S/390 9.0.0
  • SuSE Linux Enterprise Server for S/390
  • SuSE Linux IMAP Server 1.0.0
  • SuSE Linux Office Server
  • SuSE Linux Openexchange Server
  • SuSE Linux Personal 8.2.0
  • SuSE Linux Personal 9.0.0
  • SuSE Linux Personal 9.0.0 X86 64
  • SuSE Linux Personal 9.1.0
  • SuSE Linux Personal 9.1.0 X86 64
  • SuSE Linux Personal 9.2.0
  • SuSE Linux Personal 9.2.0 X86 64
  • SuSE Linux Personal 9.3.0
  • SuSE Linux Personal 9.3.0 X86 64
  • SuSE Linux Professional 7.3.0
  • SuSE Linux Professional 8.2.0
  • SuSE Novell Linux Desktop 9.0.0
  • SuSE Open-Enterprise-Server 9.0.0
  • SuSE SuSE eMail Server 3.1.0
  • SuSE SuSE eMail Server III
  • SuSE SUSE Linux Enterprise Server 7
  • SuSE SUSE Linux Enterprise Server 8
  • SuSE SUSE Linux Enterprise Server 9
  • SuSE SuSE Linux School Server for i386
  • Ubuntu Ubuntu Linux 4.1.0 Ia32
  • Ubuntu Ubuntu Linux 4.1.0 Ia64
  • Ubuntu Ubuntu Linux 4.1.0 Ppc
  • Ubuntu Ubuntu Linux 5.0.0 4 Amd64
  • Ubuntu Ubuntu Linux 5.0.0 4 I386
  • Ubuntu Ubuntu Linux 5.0.0 4 Powerpc

References

  • BugTraq: 13590
  • CVE: CVE-2005-1261
  • URL: http://secunia.com/advisories/15328
  • URL: http://rhn.redhat.com/errata/RHSA-2005-429.html
  • URL: http://www.frsirt.com/exploits/20050517.gaimpoc.php

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy & Policy
Legal Notices
Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out